Hi,
I was successfully able to install Let’s encrypt SSL certificate using “WP Encrypt” wordpress plugin.
It seems to be working fine as I was able to access my domain with https://www.java2blog.com and https://java2blog.com.
I checked SSL certificate at multiple sites such as https://www.ssllabs.com/ssltest/ and https://www.digicert.com/help/ but I don’t see any issue.
However,I got below notification today in google web master tools.
Google has detected that the current SSL/TLS certificate used on https://www.java2blog.com/ does not include https://www.java2blog.com/ domain name. This means that your website is not perceived as secure by some browsers. As a result, many web browsers will block users accessing your site by displaying a security warning message. This is done to protect users’ browsing behaviour from being intercepted by a third party, which can happen on sites that are not secure"
I use namecheap shared hosting.
Can any help me with above warning. What is wrong with my SSL certificate.
There is nothing wrong with your cert, it is ok. The mail received from Google refers to browsers and applications that don't support SNI like Java 6u45, IE8 in Windows XP, Android 2.3.7... pretty old technology.
So, the browsers and applications that don't support SNI, when trying to connect to your site, will receive a certificate only valid for *.web-hosting.com and web-hosting.com domains.
I’ve seen the warning that @sahsanu describes from Google before and I agree that that situation exists here (SNI support is required in order to access the site), but I wonder if Google accidentally sent the wrong warning. I feel like this warning literally describes a certificate that doesn’t cover the base domain (java2blog.com)—which in this case it does, so that warning wouldn’t be applicable.
Anyway, I’d agree that there is nothing wrong with the site from the perspective of modern browsers and no action needs to be taken.