SSL – Why Wildcard SSL Certificate Causes Domain Mismatch Error on Second Level Subdomain

Tags: http, ssl, ssl-certificate

I have a server https://www.groups.example.com – in Firefox I get the "This Connection is Untrusted" message and the "technical details" say:

www.groups.example.com uses an invalid security certificate. 
The certificate is only valid for the following names: 
*.example.com, example.com (Error code: ssl_error_bad_cert_domain)

What other info do I need to provide in order to resolve this? Just getting confirmation of setup but am 99% sure it's Linux and using VHOSTS. Will update question as soon as this is confirmed.

Is it the fact that www.groups.example.com is seen as having 2 levels of subdomains?

The issuer is DigiCert

Best Answer

RFC 2818 in "3.1. Server Identity" states that

Names may contain the wildcard character * which is considered to match any single domain name component or component fragment. E.g., *.a.com matches foo.a.com but not bar.foo.a.com.

So yes, it's the fact that it's two levels of subdomains that is the problem.
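The rule quoted from RFC 2818 can be checked against the names in the question's error message. The following is an added example, not part of the original answer and not any browser's or library's actual code; the function names are hypothetical, and it assumes the wildcard is honored only in the leftmost label, which is the case the question concerns.

```python
import re

def label_matches(pattern: str, label: str) -> bool:
    """Match one DNS label; '*' stands for a fragment of this label only."""
    if "*" not in pattern:
        return pattern == label
    # '*' becomes "any run of non-dot characters", so it cannot cross a dot.
    regex = "".join("[^.]*" if c == "*" else re.escape(c) for c in pattern)
    return re.fullmatch(regex, label) is not None

def name_matches(cert_name: str, hostname: str) -> bool:
    """True if a certificate name covers hostname under the RFC 2818 rule."""
    p_labels = cert_name.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    # A wildcard replaces exactly one label, so the label counts must agree
    # and the hostname must not contain empty labels.
    if len(p_labels) != len(h_labels) or not all(h_labels):
        return False
    # Assumption: labels to the right of the first are compared literally.
    if p_labels[1:] != h_labels[1:]:
        return False
    return label_matches(p_labels[0], h_labels[0])

def covering_names(cert_names, hostname):
    """Return the certificate names that cover hostname (empty = mismatch)."""
    return [n for n in cert_names if name_matches(n, hostname)]

def wildcard_for(hostname: str) -> str:
    """Wildcard name that would cover hostname and its sibling hosts."""
    return "*." + hostname.lower().rstrip(".").split(".", 1)[1]

# Names listed in the error message from the question.
CERT_NAMES = ["*.example.com", "example.com"]

if __name__ == "__main__":
    for host in ("example.com", "groups.example.com", "www.groups.example.com"):
        hits = covering_names(CERT_NAMES, host)
        print(f"{host:26} -> {hits or 'MISMATCH'}")
    print("name needed:", wildcard_for("www.groups.example.com"))
```

Run against the question's certificate, only `www.groups.example.com` reports a mismatch; a certificate that also lists `*.groups.example.com` (or the exact hostname) would cover it.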