Hey there! It’s me with another SSL issue.
What could be causing the url www.lang-fulfillment.group to error on some devices (both devices, that have never ever visited the page and some have visited before) regarding ssl.
When doing a SSL check via cleavr it shows the validity of the certs to be like:
from: May 28 23:09:50 2023 GMT
to: Aug 26 23:09:49 2023 GMT
So this seems to be valid. Also when checking through an online tool (SSL Server Test (Powered by Qualys SSL Labs)), the same range is being shown.
Is it possible that multiple certificates are being delivered to the client by accident?
What other reasons could cause such an issue?
Any help is very much appreciated cause I’m quite lost in this topic
Hi,
Do you have information in nginx error log?
You say you are using multiple certificates, if you need a certificate fort multiple domain names, you should use a multi domain certificate.
Hello @sebbler,
In this case, Cleavr has a redirect from www to non-www domains if the site was setup using the non-www domain. It looks like the site has a cert for www.lang-fulfillment.de but none for www.lang-fulfillment.de. If a user tries to hit www.lang-fulfillment.de then many browsers would show a security warning that www.lang-fulfillment.de doesnt have SSL, even though it will redirect to a domain with SSL.
All you need to do is add www.lang-fulfillment.de to the site > SSL Certificates, edit the existing cert and add the www domain to the list of alternate domains.
@finalwebsites
Sorry for the misunderstanding but i actually use only one certificate (i think) when going over the cleavr ui:
@amiedema
Not sure if you meant the .group domain or really the .de. Because the .group one was indeed missing the www-variant inside thee ssl certificate in cleavr.
As you can see in the screenshot above, i added it now so all 4 versions should be secured:
but what i get is this (SSL Checker):
Using another tool i get this (www.lang-fulfillment.group):
Any idea what could be wrong?
Thank you for your support!
@amiedema Sorry to bother you, but any ideas on this matter?
It doesn’t look like the cert has www.lang-fulfillment.group listed as an alt domain, even though it’s listed on Cleavr UI.
It looks like www.lang-fulfillment.group is a CNAME to lang-fulfillment.group, try modifying the www record to be an A record that points to the server, and then in Cleavr edit the SSL cert and then click save to prompt a new SSL cert.