SSL Issues with Safari Only?

My domain is: www.heartstartnj.com

My web server is (include version): Apache Version 2.4.46

The operating system my web server runs on is (include version): Linux - 3.10.0-962.3.2.lve1.5.38.el7.x86_64

My hosting provider, if applicable, is: inmotionhosting

I can login to a root shell on my machine (yes or no, or I don't know): No

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Yes, cpanel 86.0


Having issues with my SSL. I have the paid version of the Lets Encypt installer. Everything seems to be installed correctly - except that on IOS devices using safari they're getting a 'Connection is not private' error. Everywhere else is working fine, on chrome or firefox. No problems.

2 Likes

Hi @Heartstartnj

that's wrong, I see the same problem with FireFox. Your www version has the wrong certificate - see https://check-your-website.server-daten.de/?q=heartstartnj.com#url-checks

Domainname Http-Status redirect Sec. G
http://heartstartnj.com/ 104.244.120.9 301 Home - Heart Start Training Center
Html is minified: 100,00 % 0.320 A
http://www.heartstartnj.com/ 104.244.120.9 301 https://www.heartstartnj.com/wp-content/endurance-page-cache/_index.html
Html is minified: 100,00 % 0.317 A
https://heartstartnj.com/ 104.244.120.9 GZip used - 13453 / 57815 - 76,73 % Inline-JavaScript (∑/total): 15/3230 Inline-CSS (∑/total): 7/18763 200 Html is minified: 169,20 % 5.493 B
https://www.heartstartnj.com/ 104.244.120.9 GZip used - 13453 / 57815 - 76,73 % Inline-JavaScript (∑/total): 15/3230 Inline-CSS (∑/total): 7/18763 200 Html is minified: 169,20 % 5.277 N
Certificate error: RemoteCertificateNameMismatch

Your certificate

CN=heartstartnj.com
	13.01.2021
	13.04.2021
expires in 48 days	heartstartnj.com - 1 entry

has only one domain name, so your www version isn't secure.

And your browser may has cached the redirect, so you don't see that with some browsers.

Create one certificate with both domain names.

3 Likes

Alrighty! I deleted the old certificate and reinstalled it.

Hopefully that fixes everything.

1 Like

Use online tools or something like curl to check that.

Then fix the other / minor problems -> www has a curious redirect, both https versions (non-www and www) with a http status 200, that's duplicated content.

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.