I have a problem one of my customers secure server. Thought someone might have thoughts on a quick fix...
On their website www.theirdomain.net
they have a link to their secure server which is running Windows server 2003. The secure server is physically in their offices at their company. Their domain theirdomain.net is hosted at a third party webhosting company.
On their home page whenever you click on the link to the secure server you get the message "The name on the security certificate is invalid or does not match the name of the site" - I checked the server and show the following:
1. The secure server is linked to by IP address and does not use a domain
2. The certificate is valid but is in the name theirdomain.com - they do not own the domain theirdomain.com, they own theirdomain.net
3. The certificate was purchased 2 years ago by them. I assume they made a name (.com, .net) mistake when purchasing it originally.
I told them that when you link to a secure server with an IP address in Windows server you will get that message. The certificate cannot be bound to an IP address - it must use a domain name. Since the domain is wrong, they need to use DNS on the Windows server and generate a new certificate with the matching name and link to it by name. I spoke with Verisign and they confirmed this. Verisign will not change the name because they purchased it 2 years ago.
The customer told me that it "was" working without receiving that message up until about 2 weeks ago. ??? and want it working again...
I'm stumped. Is their a way to configure Windows 2003 server so that you can use an SSL certificate via IP address and not receive that message?
I appreciate any thoughts or experience you may have had with this type of thing.