Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1044
  • Last Modified:

https ssl certificate problem

Our domain www.ourdomain.com has a security certificate registered to www.ourdomain.com.  Many of our customers just type in https://ourdomain.com.  When that happens they get a security message and many customers fall off at that point.  Do we need to get a new security certificate that references just ourdomain.com or is the another work around?

1 Solution
From my experience (getting SSL certs from carriers like Verisign), design the certs from the child domain. So, a SSL cert for http://www.ourdomain.com is DIFFERENT than a SSL cert for http://ourdomain.com
If the SSL cert is for http://www.ourdomain.com and you go to http://ourdomain.com, then you will get a SSL error. The cert is for http://www.ourdomain.com, and has that FQDN defined in it.
If you just go to http://ourdomain.com, then the SSL cert for http://www.ourdomain.com since that is, technically, a CHILD domain.

So, AFAIU, you need a SSL cert for https://www.ourdomain.com to avoid SSL cert errors.
I don't know what would happen, if you define a subdomain called www and insert multiple hosts.. ie. host1.www.yourdomain.com (I thought a cert was server-specific, not subdomain).

problem is dns.. Your webserver is probably the only server defined in your dns-record, so all trafic is routed to that.. The webserver is defined to answer to both www.yourdomain.com and yourdomain.com. I suggest setting up a separate website for yourdomain.com and redirecting traffic to www.yourdomain.com.. It's a neet way to avoid problems, and maybe in time your customers learn to use the proper address :-)

Or if you plan to expand your domain:
What you need is a *.yourdomain.com certificate, called a "shared certificate" or "Wildcard-certificate". Then you can put up as many servers as you like ... but usually shared certificates are somewhat more expensive than "regular" ones.


Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now