SSL_ERROR_BAD_CERT_DOMAIN on every browser except Chrome w/ forced HTTPS encryption on nginx


#1

Hello! To start with this I only have one nginx server and one domain using Let’s Encrypt.

I recently discovered that my website has been labelled SSL_ERROR_BAD_CERT_DOMAIN by quite a few web browsers including Firefox Quantum and IE except Chrome (both desktop and mobile on different Internet connections). Upon some Google-fus I discovered that return directive in nginx server config apparently cause this (Ssl_error_bad_cert_domain).

The problem is, the return is actually used for forced HTTPS redirection within the same nginx server config. I tried Googling around for alternatives but there doesn’t seem to have any, so I decided to ask here for help.

Is there any ways to prevent the error popping up on most browsers while retaining force-HTTPS redirection within the server?


#2

If you provide the domain name on the cert we can better assist you.

It may be something as simple as the cert is for the root domain only and your link is to the WWW.

Can you show the portion that is doing the forced redirection?


#3

Try your site with www:
https://www.ngb.pw/
That works fine because the cert is for the WWW:



#4

It’s ngb.pw and www.ngb.pw (should be registered on the cert but I’ll recreate a new one if not)

Here’s the part:

server {
    server_name ngb.pw www.ngb.pw;
    listen 80;
    listen [::]:80 ipv6only=on;

    return 301 https://ngb.pw$request_uri;
}

#5

change that to:
return 301 https://www.ngb.pw$request_uri;

Until you get a cert with both names on it (that is the better answer)


#6

Nope, still the same issue. I’ll try changing it to redirect to www.ngb.pw though.


#7

It’s not there, get a cert with both names:


#8

Yeah, just found out a few minutes ago, thanks for your help though!


#9

Ok then…….
Cheers.


#10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.