I'm having a hell of a time getting an SSL certificate working with Apache running on CentOS. This is my first time trying to get SSL working so I need a bit of help. I've done alot of reading and experimenting and trying different solutions but I'm stuck
I've got a domain, and an SSL cert for that domain from GoDaddy. I believe the cert is installed correctly now after some trial and error, but when I navigate to my domain I get errors on both Chrome and Firefox. The strange thing is they give me different errors.
To be clear, I am navigating to www.mydomain.ca.
Chrome gives a "ERR_CERT_COMMON_NAME_INVALID" error. Firefox gives a "SSL_ERROR_BAD_CERT_DOMAIN" error.
I'm not sure about the common name problem, but I'm pretty sure the bad_cert_domain is happening because httpd is not replacing the IP address in the address bar with the domain name. I think this is a rewrite rule. I've added this to the end of my httpd.conf file. I can include more of the file if that's helpful. I dont really understand rewrite rules very well and lifted this from a tutorial. I've tried a number of different versions of this, including having a separate sites-available folder with conf files there but the result is the same.
<VirtualHost *:443>
ServerName www.MYDOMAIN.ca
ServerAlias MYDOMAIN.ca
DocumentRoot /var/www/html/
RewriteEngine On
RewriteCond %(HTTP_HOST) !^MYDOMAIN.ca$
RewriteRule /.* https://MYDOMAIN.ca/ [R]
</VirtualHost>
My question is, why is httpd not replacing the IP address with the domain name, and why is Chrome reporting a Common Name error?
Thanks
Best Answer
Found my answer. The problem is my domain was registered with Google Domains and I unknowingly set the domain to "forward" to my web server IP. When pinging or doing a DNS lookup of the domain, I would get the Google Hosting Service IP address, rather than mine. So Steffen was correct that I was performing a redirect, I just didnt know about it.
To fix this I turned off the forward option, and created an A Record in the DNS settings. Works perfectly now. mydomain.ca redirects to the http version of my site and https://mydomain.ca redirects to the HTTPS version without any SSL errors.