Forum Discussion
Anuj_Chaudhary_
Nimbostratus
NimbostratusError in certificate
Hi All,
We are getting below error for the URL,but no error for another URL,as we are using same wildcard certificate for the both URLs :
Pls. let me know why we are getting above error ?
Regards, Anuj
Much more information needed ... can you please specify what the 2 URLs are, and for each URL detail out what the Chrome connection information says (obtained by left-clicking on the x'ed out lock, and switching to the "Connection" tab). If you can also provide details on the certificate - the certificate Purposes, the Subject, the Subject Alternate Name, at least. You can obtain those by clicking on the "Certificate Information" link on the "Connection" tab I mentioned - purposes will be listed on the first tab in the resulting dialog, and the "Details" tab will let you walk through the fields that make up the cert, till you find Subject, and Subject Alt Name.
daboochmeister_Altocumulus
Much more information needed ... can you please specify what the 2 URLs are, and for each URL detail out what the Chrome connection information says (obtained by left-clicking on the x'ed out lock, and switching to the "Connection" tab). If you can also provide details on the certificate - the certificate Purposes, the Subject, the Subject Alternate Name, at least. You can obtain those by clicking on the "Certificate Information" link on the "Connection" tab I mentioned - purposes will be listed on the first tab in the resulting dialog, and the "Details" tab will let you walk through the fields that make up the cert, till you find Subject, and Subject Alt Name.
Anuj_Chaudhary_URLs as below : https://loadandtrim.goindigo.in https://uat.loadandtrim.goindigo.in
daboochmeisterCirrus
Much more information needed ... can you please specify what the 2 URLs are, and for each URL detail out what the Chrome connection information says (obtained by left-clicking on the x'ed out lock, and switching to the "Connection" tab). If you can also provide details on the certificate - the certificate Purposes, the Subject, the Subject Alternate Name, at least. You can obtain those by clicking on the "Certificate Information" link on the "Connection" tab I mentioned - purposes will be listed on the first tab in the resulting dialog, and the "Details" tab will let you walk through the fields that make up the cert, till you find Subject, and Subject Alt Name.
- Anuj_Chaudhary_URLs as below : https://loadandtrim.goindigo.in https://uat.loadandtrim.goindigo.in
- Anuj_Chaudhary_
- daboochmeisterOk, that clarifies things, thanks. You've bumped into a practical restriction in wildcard certificates ... a wildcard cert won't authenticate against sub-subdomain names. Your first URL is fine, because loadandtrim.goindigo.in is a subdomain of goindigo.in. But uat.loadandtrim.goindigo.in is a sub-subdomain, because of the additional node in the FQDN. To address this, you would either need to get a name-specific cert issued for uat.loadandtrim.goindigo.in, or get another wildcard cert, for *.loadandtrim.goindigo.in. Oh, or change the name to uat-loadandtrim.goindigo.in or some other approach that eliminates the sub-subdomain usage. For more info: http://security.stackexchange.com/questions/37887/why-arent-infinite-depth-wildcard-certificates-allowed
- Anuj_Chaudhary_so what is solution for that ? should we use certificate related to CN uat.loadandtrim.goindigo.in Pls. confirm the same ?
- Anuj_Chaudhary_if we use the name as uat-loadandtrim.goindigo.in it will rectify the issue or not ??