Forum Discussion
SSL Certificate error
I'm using wild card certificate on F5 to offload SSL for my Web-Servers. Already upload wildcard certificate to F5 without any issue. Currently, when try access the url for my Web Server get the error on web browser: NET::ERR_CERT_COMMON_NAME_INVALID
The url that I´m trying is: https://service.external.mydomain.com.br
My certificate in my New Client-SSL profile is:
Common name: *.mydomain.com.br
Organization: MyDomain C.O.
Location: My CITY, MyState, MyCountry
Valid from Jan 01, 2019 to December 12, 2020
Encryption Issuer: MyCA-corp RSA CA 2019
Any input?
- _maxmau5__37763Altostratus
Have you tried other browsers? I know there are some weird chrome bugs with this wanting alternative names and the like.
Can you paste your certificate key chain from your SSL profile (minus anything identifying oc)
- brangel_250165Nimbostratus
Yes, for others Browsers:
Firefox: SSL_ERROR_BAD_CERT_DOMAIN
MS Edge: DLG_FLAGS_SEC_CERT_CN_INVALID
Chrome: NET::ERR_CERT_COMMON_NAME_INVALID
Wildcard certificates don’t go more than one level.
So *.example.com will cover external.example.com but not *.external.example.com
You either need to move the domain to be directly under example.com or get another wildcard for *.external.example.com
- SurgeonRet. Employee
Have you checked your cert? The actual cert is different from the cert you are providing.
Certificate: Data: Version: 3 (0x2) Serial Number: 2f:a4:1c:d7:b3:65:58:be:59:5c:38:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Domain Validation CA - SHA256 - G2 Validity Not Before: Oct 17 07:13:06 2017 GMT Not After : Dec 11 08:45:40 2020 GMT Subject: OU=Domain Control Validated, CN=cc.sedoparking.com ... X509v3 Subject Alternative Name: DNS:cc.sedoparking.com Error tell everething you need service.external.mydomain.com.br uses an invalid security certificate. The certificate is only valid for cc.sedoparking.com. Error code: SSL_ERROR_BAD_CERT_DOMAIN
Update you cert to a valid one.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com