SSL_ERROR_BAD_CERT_DOMAIN

Francis Daly francis at daoine.org
Fri May 15 18:52:20 UTC 2020


On Thu, May 14, 2020 at 03:37:38PM -0400, Amakesh wrote:

Hi there,

> Earlier Let’s encrypt certificates worked fine for for all of them, but
> recently installed Nginx as web proxy.

> https://www.ssllabs.com shows all of the certificates have Server
> hostname(rsvix170.gerwanserver.de) as domain name and not their own
> addresses.

Have you configured your nginx like is shown at
http://nginx.org/en/docs/http/configuring_https_servers.html?

You probably want one server{} block per certificate that you have,
each with "listen 443 ssl", and with server_name matching the names in
that certificate.

> https://www.ssllabs.com/ssltest/analyze.html?d=solaris-ustronie.eu

That is not showing any obvious problems to me right now, so maybe
something has been changed recently?

(The fact that it shows a different certificate if the client does not
use SNI is not something I consider a problem.)

Cheers,

	f
-- 
Francis Daly        francis at daoine.org


More information about the nginx mailing list