I'm trying to set up HTTPS/SSL on my site test.example.com
.
I edited my file at /etc/nginx/sites-enabled/my_site
so that the top section of the server {}
block is this.
server {
listen 443;
ssl on;
ssl_certificate /etc/ssl/cert_chain.crt;
ssl_certificate_key /etc/ssl/example.key;
server_name test.example.com;
error_log /var/log/nginx/debug.log debug;
... Rest of code ...
}
I ran nginx restart
. But if I go to https://test.testexample.com
in Chromium, my browser warns that my connection to the site is insecure.
Chromium error:
Your connection is not private
Attackers might be trying to steal your information from test.example.com (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_COMMON_NAME_INVALID
This server could not prove that it is test.example.com; its security certificate is from example.com. This may be caused by a misconfiguration or an attacker intercepting your connection.
My certificate was issued by Comodo. I'm following Namecheap's guide on integrating SSL into my site. Step 3: https://www.namecheap.com/support/knowledgebase/article.aspx/9419/0/nginx
Best Answer
The certificate returned by the server does not match the name in the URL. Based on this description you've ordered a certificate for
example.com
but try to access the site astest.example.com
which is not the domain the certificate was issued for.This problem might be due to a wrong understanding of how the comparison of the domain in the URL against the certificate works. In general:
example.com
does not matchtest.example.com
.*
, it must be the leftmost label and it matches only a single part of the domain, i.e. a certificate for*.example.com
will matchwww.example.com
andtest.example.com
but notwww.test.example.com
.