SSL not working

jfurlong · August 31, 2020, 4:31pm

My domain is: jimmymackhealing.com
Hosted on Godaddy shared hosting, using Cpanel (won’t run certbot)

Cert was created via shieldsigned.com
and covers both jimmymackhealing.com and www.jimmymackhealing.com

Previous certs created via ZeroSSL worked fine.

Any help will be much appreciated!

Osiris · August 31, 2020, 6:18pm

No, it doesn't.

Your latest certificate which is currently in use is only valid for jimmymackhealing.com. But because you have a redirect to www.jimmymackhealing.com in place, everybody will get a certificate error.

griffin · August 31, 2020, 6:37pm

Welcome @jfurlong

@Osiris

Don’t dismay the man right out of the gate @Osiris.

@jfurlong

Osiris is absolutely right though. We can see at https://crt.sh/?q=jimmymackhealing.com that your certificate only covers jimmymackhealing.com. You need to issue a new certificate that includes both jimmymackhealing.com and www.jimmymackhealing.com. We can certainly help you do that.

Osiris · August 31, 2020, 6:47pm

Just want to be very clear about where the issue lies. I've seen people here on the community persevere in inadequate assumptions, which would delay the right action.

griffin · August 31, 2020, 6:54pm

@Osiris

So true. Sometimes a giant is needed.

jfurlong · August 31, 2020, 7:25pm

Adequate solutions are preferable even if they hurt someone’s feelings
I redid the SSL feeding shieldsigned.com the domain www.jimmymackhealing.com instead of jimmymackhealing.com and that appears to have worked.

Nothing like changing a process under pressure to cause you to make a mistake.

Help much appreciated, folks!

Osiris · August 31, 2020, 8:26pm

Wouldn't you rather have one certificate with both hostnames? The site you're using does allow you to input multiple hostnames at the same time by separating them with a comma it seems.

griffin · August 31, 2020, 9:57pm

I'm REALLY hoping that you submitted your own certificate signing request (CSR). If their website generated it for you internally then they also generated the private key that goes with it, which means that your website would then have no security.

schoen · September 4, 2020, 7:50pm

That's an exaggeration. It means that the operator of the shieldsigned site (or somebody else with access to their server infrastructure) could have maliciously kept a copy of the private key and would then be able to use it to intercept communications to the jimmymackhealing site if they were also in the right place on the network to do so or could somehow tamper with its DNS records.

griffin · September 4, 2020, 8:02pm

@schoen

Very true. I’m just trying to generally steer people away from sites that generate their private keys for them.

system · October 4, 2020, 8:02pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
SSL not covering all domains Help	6	1463	August 18, 2018
Certificate mismatch generate ssl for www or non-www first? Server	6	1367	January 2, 2019
Help! SSL put on domain.com and www.domain.com Help	18	6986	October 13, 2017
How to fix www certificate? Help	23	3445	January 2, 2018
Ssl not for www Help	3	522	February 28, 2019

SSL not working

Related topics