• GoDaddy Community
  • SSL And Security

    • SSL And Security

    cancel
    Turn on suggestions
    Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
    Showing results for 
    Show  only  | Search instead for 
    Did you mean: 
    Go to solution
    Stephen_Poole
    Getting Started
    ‎08-11-2019 10:50 AM
    ‎08-11-2019 10:50 AM

    Another Strange Firefox Problem with SSL

    In Chrome, if you go to wdjconline.com OR www.wdjconline.com, our certificate works fine. In Firefox (I'm using version 60.8 with OpenSuse), the "www" gives a "bad certificate" error, but wdjconline (with the "www") does NOT give an error. This is something that has recently popped up.

     

    We are using SANs (standard 20-domain certificate from GoDaddy) to handle our Websites. Incidentally, the problem does NOT occur with our main Website: both crawfordbroadcasting.com and www.crawfordbroadcasting.com both work fine. No errors.

     

    Any ideas?

    0 Kudos
    Reply
    1 ACCEPTED SOLUTION
    JHasselbring
    Helper VI Helper VI
    Helper VI
    In response to Stephen_Poole
    ‎08-14-2019 07:50 PM
    ‎08-14-2019 07:50 PM

    @Stephen_Poole 

    In your .conf file's <VirtualHost *:443> ... Make sure you make use of both ServerName and ServerAlias:

    <VirtualHost *:443>
   ServerAdmin webmaster@mydomain.com
   ServerName mydomain.com
       ServerAlias www.mydomain.com    
   DocumentRoot /var/www/html/mydomain.com/public_html

    Even if both www and non-www points to the same server, it doesn't mean that your Apache will serve them from the same vHosts.  One of them is probably being server from the default VirtualHost where the SSL is not defined

    ~Jan Mykhail Hasselbring Web Administrator @ fullstackwebsolution.com

    View solution in original post

    Reply
    7 REPLIES 7
    JHasselbring
    Helper VI Helper VI
    Helper VI
    ‎08-13-2019 09:59 AM
    ‎08-13-2019 09:59 AM

    @Stephen_Poole Do you handle your own apache configuration?

    ~Jan Mykhail Hasselbring Web Administrator @ fullstackwebsolution.com
    Reply
    Stephen_Poole
    Getting Started
    In response to JHasselbring
    ‎08-13-2019 06:25 PM
    ‎08-13-2019 06:25 PM

    Yes, we handle  our Apache. You have a tip? I'm all ears!! 🙂

    Reply
    JHasselbring
    Helper VI Helper VI
    Helper VI
    In response to Stephen_Poole
    ‎08-14-2019 07:50 PM
    ‎08-14-2019 07:50 PM

    @Stephen_Poole 

    In your .conf file's <VirtualHost *:443> ... Make sure you make use of both ServerName and ServerAlias:

    <VirtualHost *:443>
   ServerAdmin webmaster@mydomain.com
   ServerName mydomain.com
       ServerAlias www.mydomain.com    
   DocumentRoot /var/www/html/mydomain.com/public_html

    Even if both www and non-www points to the same server, it doesn't mean that your Apache will serve them from the same vHosts.  One of them is probably being server from the default VirtualHost where the SSL is not defined

    ~Jan Mykhail Hasselbring Web Administrator @ fullstackwebsolution.com

    View solution in original post

    Reply
    Stephen_Poole
    Getting Started
    In response to JHasselbring
    ‎08-17-2019 05:32 PM
    ‎08-17-2019 05:32 PM 

    <VirtualHost *:443>
    ServerName "wdjconline.com"
    ServerAlias "www.wdjconline.com"
    DocumentRoot "/home/wdjconline.com/public_html/"
    RewriteEngine On
    RewriteRule ^/wdjconline/(.*) / [R=301,L]

     Hmmm. Looks like I'm doing that.

    Reply
    JHasselbring
    Helper VI Helper VI
    Helper VI
    In response to Stephen_Poole
    ‎08-20-2019 08:18 PM
    ‎08-20-2019 08:18 PM

    Not sure if it matters but I usually do not use quotes to wrap my server name ("" "")... I mean, Apache wouldn't run if that's a problem.  

     

    Your certificate path are defined right? e.g.

      SSLEngine on
  SSLCertificateFile "/opt/bitnami/apache2/conf/mydomain.com.crt"
  SSLCertificateKeyFile "/opt/bitnami/apache2/conf/mydomain.com.key"

    and you're actually listening to 443 + SSL protocols are defined?

    Listen 443
SSLProtocol all -SSLv2 -SSLv3

     

    FYI... I'm shooting in the dark right now... I have not clue at this point why none of your cert work on my end.

    ~Jan Mykhail Hasselbring Web Administrator @ fullstackwebsolution.com
    0 Kudos
    Reply
    JHasselbring
    Helper VI Helper VI
    Helper VI
    In response to Stephen_Poole
    ‎08-20-2019 08:19 PM
    ‎08-20-2019 08:19 PM

    @Stephen_Poole 

    Also, If you just updated your .conf files... don't forget to restart Apache... I tend to forget it.

    ~Jan Mykhail Hasselbring Web Administrator @ fullstackwebsolution.com
    0 Kudos
    Reply
    JHasselbring
    Helper VI Helper VI
    Helper VI
    In response to Stephen_Poole
    ‎08-14-2019 07:53 PM
    ‎08-14-2019 07:53 PM

    BTW @Stephen_Poole ,

     

    I get a cert error on your site all the time... also, www gets forwarded to non-www (which is good... I'm just not sure if you did that on purpose)

    ~Jan Mykhail Hasselbring Web Administrator @ fullstackwebsolution.com
    Reply

    You may also like...