Prevent Chrome SSL Domain Mismatch Warning When Redirecting

Chris Irish supairish at gmail.com
Wed Jan 2 21:16:44 UTC 2013


Hello,
    I have a SSL cert setup for a domain with no subdomain, i.e.
mydomain.org.  And a server block setup to redirect all https 'www'
subdomain requests to the non subdomain server block.  This works fine in
Safari, FF, etc.  But Chrome gives me a certificate domain name mismatch
warning ( The big red warning screen )  How can I prevent this?  It's like
Chrome checks the SSL cert name before even following the nginx redirect.
 Here's what I'm doing. Any help appreciated


server {
      listen       443;
      server_name  www.mydomain.org;

      return 301 $scheme://mydomain.org$request_uri;

      ssl                  on;
      ssl_certificate      /etc/nginx/certs/new_sslchain.crt;
      ssl_certificate_key  /etc/nginx/certs/azcharters-10-29-12.key;
      ssl_session_timeout  5m;
      ssl_protocols        SSLv2 SSLv3 TLSv1;
      ssl_ciphers
 ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
      ssl_prefer_server_ciphers   on;
    }

server {
      listen       443;
      server_name  mydomain.org;
      root         /home/deploy/apps/myapp/current/public;
      passenger_enabled on;

      ssl                  on;
      ssl_certificate /etc/nginx/certs/new_sslchain.crt;
      ssl_certificate_key /etc/nginx/certs/azcharters-10-29-12.key;
      ssl_session_timeout 5m;
      ssl_protocols  SSLv2 SSLv3 TLSv1;
      ssl_ciphers
 ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
      ssl_prefer_server_ciphers   on;
}

-- 
Chris Irish
Burst Software
Rails Web Development

e:  supairish at gmail.com
c:  623-523-2221
w:  www.burstdev.com
w:  www.christopherirish.com
<http://www.christopherirish.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20130102/4ca4cd69/attachment.html>


More information about the nginx mailing list