Go Premium for a chance to win a PS4. Enter to Win


https  ssl certificate problem

Posted on 2004-04-09
Medium Priority
Last Modified: 2013-12-04
Our domain www.ourdomain.com has a security certificate registered to www.ourdomain.com.  Many of our customers just type in https://ourdomain.com.  When that happens they get a security message and many customers fall off at that point.  Do we need to get a new security certificate that references just ourdomain.com or is the another work around?

Question by:KenHammett

Expert Comment

ID: 10795574
From my experience (getting SSL certs from carriers like Verisign), design the certs from the child domain. So, a SSL cert for http://www.ourdomain.com is DIFFERENT than a SSL cert for http://ourdomain.com
If the SSL cert is for http://www.ourdomain.com and you go to http://ourdomain.com, then you will get a SSL error. The cert is for http://www.ourdomain.com, and has that FQDN defined in it.
If you just go to http://ourdomain.com, then the SSL cert for http://www.ourdomain.com since that is, technically, a CHILD domain.

So, AFAIU, you need a SSL cert for https://www.ourdomain.com to avoid SSL cert errors.

Accepted Solution

mikkelp earned 750 total points
ID: 10800699
I don't know what would happen, if you define a subdomain called www and insert multiple hosts.. ie. host1.www.yourdomain.com (I thought a cert was server-specific, not subdomain).

problem is dns.. Your webserver is probably the only server defined in your dns-record, so all trafic is routed to that.. The webserver is defined to answer to both www.yourdomain.com and yourdomain.com. I suggest setting up a separate website for yourdomain.com and redirecting traffic to www.yourdomain.com.. It's a neet way to avoid problems, and maybe in time your customers learn to use the proper address :-)

Or if you plan to expand your domain:
What you need is a *.yourdomain.com certificate, called a "shared certificate" or "Wildcard-certificate". Then you can put up as many servers as you like ... but usually shared certificates are somewhat more expensive than "regular" ones.


Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The well known Cerber ransomware continues to spread this summer through spear phishing email campaigns targeting enterprises. Learn how it easily bypasses traditional defenses - and what you can do to protect your data.
The Internet has made sending and receiving information online a breeze. But there is also the threat of unauthorized viewing, data tampering, and phoney messages. Surprisingly, a lot of business owners do not fully understand how to use security t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question