Solved

https  ssl certificate problem

Posted on 2004-04-09
2
1,041 Views
Last Modified: 2013-12-04
Our domain www.ourdomain.com has a security certificate registered to www.ourdomain.com.  Many of our customers just type in https://ourdomain.com.  When that happens they get a security message and many customers fall off at that point.  Do we need to get a new security certificate that references just ourdomain.com or is the another work around?

0
Comment
Question by:KenHammett
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 6

Expert Comment

by:Joseph_Moore
ID: 10795574
From my experience (getting SSL certs from carriers like Verisign), design the certs from the child domain. So, a SSL cert for http://www.ourdomain.com is DIFFERENT than a SSL cert for http://ourdomain.com
If the SSL cert is for http://www.ourdomain.com and you go to http://ourdomain.com, then you will get a SSL error. The cert is for http://www.ourdomain.com, and has that FQDN defined in it.
If you just go to http://ourdomain.com, then the SSL cert for http://www.ourdomain.com since that is, technically, a CHILD domain.

So, AFAIU, you need a SSL cert for https://www.ourdomain.com to avoid SSL cert errors.
0
 
LVL 4

Accepted Solution

by:
mikkelp earned 250 total points
ID: 10800699
I don't know what would happen, if you define a subdomain called www and insert multiple hosts.. ie. host1.www.yourdomain.com (I thought a cert was server-specific, not subdomain).

problem is dns.. Your webserver is probably the only server defined in your dns-record, so all trafic is routed to that.. The webserver is defined to answer to both www.yourdomain.com and yourdomain.com. I suggest setting up a separate website for yourdomain.com and redirecting traffic to www.yourdomain.com.. It's a neet way to avoid problems, and maybe in time your customers learn to use the proper address :-)

Or if you plan to expand your domain:
What you need is a *.yourdomain.com certificate, called a "shared certificate" or "Wildcard-certificate". Then you can put up as many servers as you like ... but usually shared certificates are somewhat more expensive than "regular" ones.

mikkelp
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question