1

I installed a wildcard SSL certificate, but somehow I ended up with an error.

When accessing the website I am getting:

The identity of this website has not been verified.
• Server's certificate does not match the URL.
• Server's certificate is not trusted.

The CN is like *.domain.com and that goes with all the subdomains, too. I think I am missing something and that's why this is not working.

crt file:

-----BEGIN CERTIFICATE----- MIIEtzCCA5+gAwIBAgIJANgFQlRrtxptMA0GCSqGSIb3DQEBBQUAMIGYMQswCQYD VQQGEwJJTjELMAkGA1UECBMCVVAxDDAKBgNVBAcTA0daQjEfMB0GA1UEChMWVXR0 YW0gU2Nob29sIGZvciBHaXJsczELMAkGA1UECxMCSVQxGjAYBgNVBAMMESoudXR0 YW1zY2hvb2wubmV0MSQwIgYJKoZIhvcNAQkBFhVhZG1pbkB1dHRhbXNjaG9vbC5u ZXQwHhcNMTIwNTA0MDUwNDA4WhcNMTMwNTA0MDUwNDA4WjCBmDELMAkGA1UEBhMC SU4xCzAJBgNVBAgTAlVQMQwwCgYDVQQHEwNHWkIxHzAdBgNVBAoTFlV0dGFtIFNj aG9vbCBmb3IgR2lybHMxCzAJBgNVBAsTAklUMRowGAYDVQQDDBEqLnV0dGFtc2No b29sLm5ldDEkMCIGCSqGSIb3DQEJARYVYWRtaW5AdXR0YW1zY2hvb2wubmV0MIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OhJPZKvcujTh8h0k/GFB15Y /UmTCUKeQJA3ziscwFWoBWE7lV+zxMtlJlOdB6jeK8vAwP1LvkG4MhNs9uOAd6pH nfftLpjLyoUQ2LYNByxOzeLUHto335XXVchTXuNkFvsx+nX7Yplh/y4mSt3qT4Gg 1reRUfru06cuLSbpUNzCAFvSFJepW2aCunRorHQTK/e6t6NpAsvyHwqNkV1AZcH7 I461T+ZWmt/KDarTCezPm59ifJKHue3ZA2G7rL8WjkFNNJFSlbrrzDUYdP+dMT1r hnhTRDwoHdV8eo8m3RI3w5KcpiJ/YdZbqAqwgLqhunq6oJyv8GtB5Y7gfGnDbwID AQABo4IBADCB/TAdBgNVHQ4EFgQUb0d+9MMIx/KKepesDCF/CdqPoTUwgc0GA1Ud IwSBxTCBwoAUb0d+9MMIx/KKepesDCF/CdqPoTWhgZ6kgZswgZgxCzAJBgNVBAYT AklOMQswCQYDVQQIEwJVUDEMMAoGA1UEBxMDR1pCMR8wHQYDVQQKExZVdHRhbSBT Y2hvb2wgZm9yIEdpcmxzMQswCQYDVQQLEwJJVDEaMBgGA1UEAwwRKi51dHRhbXNj aG9vbC5uZXQxJDAiBgkqhkiG9w0BCQEWFWFkbWluQHV0dGFtc2Nob29sLm5ldIIJ ANgFQlRrtxptMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBALwA4gY5 dP0I7O9Ol4puK/p7bmTGYR/teemdsVyr5LWJWUyRS6AfoD+uzEUQBgGspQToojz5 aXkkfBqBhWtnV1poeyPt+D2+AUcglkyCKYrd1TsdcCeLsNgB+gSS/c5EMgIA3DEI 1qEJC4LATK7DM3ykIEzlL0rt5tfnAbRmNecBLXzm9+k+Du1jbxeXQ75HPHPr2wuN uIBRcvVKfc3geHTsdVsl6Q0/3ABuJEzBOYU+1X4HSWXIrPntxGoMpcMAEvKwOC0O jV7P76zv+jW58xIVRY0E9o1T2QNUTLM3g6O80x6MPrVWRpt9lC8xYJkBaVu4l7NP eTI2G0PSODx9GI0= -----END CERTIFICATE-----
Improve this question
5
  • This is a very poor question, it doesn't even show the certificate. I'll answer it because it seems like an obvious beginner mistake but in the future please try to add relevant information Commented May 9, 2012 at 20:50
  • Look at the certificate the browser is getting and see if it's the one you're expecting. Commented May 9, 2012 at 20:50
  • crt file added, sorry for the delay Commented May 9, 2012 at 20:57
  • 2
    Your certificate works, if you want to not have scary warnings then you can go and buy a signed one from a trusted CA. You can't use self-signed certificates and expect them to be trusted on the internet. Commented May 9, 2012 at 21:07
  • it was the problem of the certificate conflict, now working correctly. Commented May 10, 2012 at 17:05

2 Answers 2

Reset to default
2

Either you are not serving the correct certificate or you're trying to browse domain.com.

If your CN is *.domain.com, then browsing to domain.com will not work. *.domain.com does NOT mean *.com. One way to make it work is to have domain.com as the CN, and *.domain.com as the subjectAlternateName. This kind of certificate will be valid for both straight domain.com and all subdomains.

"Is not trusted" is caused by you not trusting the certificate. This is a self-signed certificate, trusting it in your favorite browser or OS store will work. On Firefox, this means adding an exception.

Improve this answer
4
  • please check the crt file Commented May 9, 2012 at 20:58
  • That certificate will be valid for any subdomain under .uttamschool.net, but not for uttamschool.net. It is flagged as a CA certificate though which is weird. Commented May 9, 2012 at 20:59
  • check geo.uttamschool.net Commented May 9, 2012 at 21:00
  • geo.uttamschool.net works just fine when you trust the certificate. Commented May 9, 2012 at 21:01
1

The certificate is self-signed. That's the only error I get when connecting to https://geo.uttamschool.net/, and it's an entirely correct error. I'm not, therefore, entirely sure what the problem is.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.