CN error

Patrick Lizama
Patrick Lizama used Ask the Experts™
Misconfiguration of certificate's CN and virtual name. The certificate CN has ww2.scryptions. We expected as virtual name.
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Fractional CTO
Distinguished Expert 2018
Here are the subjective site names covered by your cert.

imac> echo QUIT | openssl s_client -crlf -servername -connect 2>/dev/null | openssl x509 -noout -text | egrep DNS:

Open in new window

Note: There is no coverage for either or so the cert has likely been generated incorrectly + will not cover the hosts normally covered for HTTPS access.

Note: shows your SSL config as an F Score. Should be an A+ Score.

Your SSL config is insecure + highly hackable. Currently major browsers seem to visit your site without complaint, right now. As browsers increase their security requirements, likely there will come a day when your site is reported to visitors as suspicious by all major browsers.

The does not appear, so is not covered by this cert.

Trying the above command with hangs, because there's no port 443 listener.

Suggestion: Looks like might be best for you to hire someone to sit down with you + talk through the exact site coverage you require.

Use either a simple or wildcard, free, with auto-renewal to handle your use cases.

Target: Have a look at + have your tech people target this type of score.
Patrick LizamaSystems Administrator


I should have mentioned that the www2 is internal and I am transitioning the www1 to www2 due to upgrade with PHP and Mysql which is reason due to those security concerns.  I have checked the cert from Comodo and it does show www2 in both the crt and the key.
Patrick LizamaSystems Administrator


Thank you as you have given me many things to look at.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial