SSL Certificate Name Mismatch Error

Hi Mary,

It looks like you have a certificate for *.dlm.myherbalife.com. That is why you get an error when you access it with dlm.myherbalife.com. You will need to change the common name in the certificate to *.myherbalife.com to get rid of the error. Talk to your certificate provider (GeoTrust) about how to do this.

if we have 2 profiles on WAS server with the same sub domain can we use the same SSL for both? would it still show this issue?

Hi,

I am facing issue while accessing one site getting the certificate of different site where as both the site are binded with different IPs on same server. i.e - If I am accessing www.xyz.com I am getting the certificate of www.pqr.com.

I am recieving this error after dns records were pointed to a new server where the site would be hosted the current server uses a certificate that can be used more than once is there a way of fixing this at all?

Your certificate is *.myherbalife.com therefore when the web site has two or more "." (periods) to left of myherbalife then you will get the mismatch error. The * portion of your URL refers to a wildcard however with SSL if you have a "." as part of wildcard portion you will get this error. Suggest changing your DNS to use "-" instead of a "."

Internet Explorer 7 "The security certificate presented by this website was issued for a different website's address."

I'm not getting the SECURITY ALERT Screen, prev i use to get it an when i click yes, it will go to the secured page.
Now my prob with the ceritifacte error is originally the certifacte was issue to "*.myherbalife.com" ( equifax) and now i tried to connect "dlm.myherbalife.com" that time i get this error.
help me to clear this error.

Hello,

As Robert says, if you have a wildcard certificate for one domain, yo won't have the error if the website is like

service1.dominio.com
service2.dominio.com
.....

But if you use it for a websike like

service1.city.dominio.com
service2.city.dominio.com
.....

you will get it, because the wildcard certificate it's only for the services in "dominio.com", not for the subdomain "city.dominio.com".

Anyway it's a valid certificate, as for "city.dominio.com" like for "dominio.com", the problem is the message (it doesn't look nice). Internet Explorer have the option to disable it, but you need to do that in each IE client, so it's not very effective. This otion is in Internet tools/Advanced Options/security/, it's something like "Notify abaut the not mattching in the adress of the certificates" (I have it in spanish, so it's not exatly this, but something like this).

CA are offering wildcard services which allows an organisation to release SSL fast but this results in a cert error. Does anyone know the best set-up for a wildcard entry to avoid the error message to the end user?

Ive got this issue using a watchguard firebox with single sign on. nightmare.

it tells me domain name mismatch when i open a particular website, pls what do i do to solve this problem. thanks

The security certificate presented by this website was not issued by a trusted certificate authority.
The security certificate presented by this website was issued for a different website's address

I have a Mac and use Macmail, I haven't made any changes to our email or site logins or certificates however I'm getting the dialog "Mail can't verify the identity of "gives our mail server #" (which is the correct #). You might be connecting to a server that is pretending to be "number" ....
I clicked "Show Certificate" and it gave me GeoTurst Global CA > .securesites.com. "This certificate is not valid (host name mismatch). I called our web host, Verio, and they said for now just Connect each time, don't click "Always trust". this happens every time I open my email client. Could it be pisching or is this authentic? Can I click "Always Trust"?

Ander, thank you for your tip, it worked fine. Muchas gracias! :)

i can't uploade from my wibe sit to server
tise error
Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error:

Line 210: 'File.Copy(img_path.PostedFile.FileName, "c:\")

Hi AR,

It sounds like your host is just using a shared certificate on your site. It would be more secure to use a separate certificate for your site, but you should be fairly safe to click through the warnings in this case.

Your certificate is *.myherbalife.com therefore when the web site has two or more "." (periods) to left of myherbalife then you will get the mismatch error. The * portion of your URL refers to a wildcard however with SSL if you have a "." as part of wildcard portion you will get this error. Suggest changing your DNS to use "-" instead of a "."

I setup cname for a domain. Both are different domains like xyz.com, zxy.com and both are wildcard SSL enabled.



I am getting this below error in my browser.

You attempted to reach xyz.com, but instead you actually reached a server identifying itself as *.zxy.com. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of xyz.com.

Is there a way by which we can allow web application access with multiple URLS viz., using IP address (say 151.34.25.190), hostname (say 01hm45678) and complete hostname (say 01hm45678.india.com). The user should be able to access the we app using either of the URLs without giving any certificate error.

Yes, using Subject Alternative Name extensions.

Thinakaran, you'll need to have both names included in the certificate to avoid the name mismatch error.

When i use the SSL checker with my Domain of www.limosa.com.au it comes up with someone elses domain name... what does this mean? i have no affiliation with this other domain and i am getting annoyed that i cannot read emails on my devices because they dont match up.

Cheers, Nick

I need help this has been problem has been coming up for awhile it will not let me in to aol mail on uk side only usa side using .com. and also other sites i use a lot says the certificate is not right but these will not work by changing to .com as they uk sites any help would be appreciated. google chrome is browser.

i need help, In my magento ecommerce website i have activate the ssl certificate but it is not redirect to https://www.mixrack.com from mixrack.com

i have installed ssl certificate for a website runing on iis 8, certificate had been working fine until 15 days back, and on the same server Macfee EPO server is also runing. now when i accessing my website, certificate is not showing, i used ssl checker to check the appropriate certificate for the website, but it showing the MCAfee EPO server certificate , can some help me out to resolve this certificate problem,

When I check a site with a cPanel auto ssl cert https://www.sslshopper.com/... you report a possible problem in that "None of the names in the cert . . ."

and report this about the cert - Common name: li1265-51.members.linode.com

When every browser I check the cert in has the common name whm.topline.cloud, and viewing the cert has the following.
--
X509v3 Subject Alternative Name:
DNS:whm.topline.cloud, DNS:mail.whm.topline.cloud, DNS:www.whm.topline.cloud
--

I think the report is wrong in this instance.

Thanks for posting about this. I fixed the SSL Checker so that it grabs the correct certificate (the server seems to be sending a different certificate if you connect with the IPv6 address)

Nice, thanks for the quick fix, and a valuable tool.

You should not have to continue through this error message on legitimate website. This error is often phrased differently depending on the web browser.

www.Cricketlivehd.com had the same problem. the better way it to just call your hosting guys and get the common name changed on their servers to solve it all for you.

Has anyone been able to find a way to check hostname mismatch with OpenSSL

Horizon Hobby thinks it is my browser(s)..... Gawd!

https://www.sslshopper.com/...

They are missing a SAN in their cert to make it work...dummies!