In Chrome, if you go to wdjconline.com OR www.wdjconline.com, our certificate works fine. In Firefox (I'm using version 60.8 with OpenSuse), the "www" gives a "bad certificate" error, but wdjconline (with the "www") does NOT give an error. This is something that has recently popped up.
We are using SANs (standard 20-domain certificate from GoDaddy) to handle our Websites. Incidentally, the problem does NOT occur with our main Website: both crawfordbroadcasting.com and www.crawfordbroadcasting.com both work fine. No errors.
Any ideas?
Solved! Go to Solution.
In your .conf file's <VirtualHost *:443> ... Make sure you make use of both ServerName and ServerAlias:
<VirtualHost *:443> ServerAdmin webmaster@mydomain.com ServerName mydomain.com
ServerAlias www.mydomain.com DocumentRoot /var/www/html/mydomain.com/public_html
Even if both www and non-www points to the same server, it doesn't mean that your Apache will serve them from the same vHosts. One of them is probably being server from the default VirtualHost where the SSL is not defined
@Stephen_Poole Do you handle your own apache configuration?
Yes, we handle our Apache. You have a tip? I'm all ears!! 🙂
In your .conf file's <VirtualHost *:443> ... Make sure you make use of both ServerName and ServerAlias:
<VirtualHost *:443> ServerAdmin webmaster@mydomain.com ServerName mydomain.com
ServerAlias www.mydomain.com DocumentRoot /var/www/html/mydomain.com/public_html
Even if both www and non-www points to the same server, it doesn't mean that your Apache will serve them from the same vHosts. One of them is probably being server from the default VirtualHost where the SSL is not defined
<VirtualHost *:443>
ServerName "wdjconline.com"
ServerAlias "www.wdjconline.com"
DocumentRoot "/home/wdjconline.com/public_html/"
RewriteEngine On
RewriteRule ^/wdjconline/(.*) / [R=301,L]
Hmmm. Looks like I'm doing that.
Not sure if it matters but I usually do not use quotes to wrap my server name ("" "")... I mean, Apache wouldn't run if that's a problem.
Your certificate path are defined right? e.g.
SSLEngine on SSLCertificateFile "/opt/bitnami/apache2/conf/mydomain.com.crt" SSLCertificateKeyFile "/opt/bitnami/apache2/conf/mydomain.com.key"
and you're actually listening to 443 + SSL protocols are defined?
Listen 443 SSLProtocol all -SSLv2 -SSLv3
FYI... I'm shooting in the dark right now... I have not clue at this point why none of your cert work on my end.
Also, If you just updated your .conf files... don't forget to restart Apache... I tend to forget it.
BTW @Stephen_Poole ,
I get a cert error on your site all the time... also, www gets forwarded to non-www (which is good... I'm just not sure if you did that on purpose)