This site is not secure, This might mean that someone is trying to fool you


#1

> This site is not secure
> This might mean that someone is trying to fool you or steal any info you send to the server. You should close this site immediately.

Installed some wildcards at the weekend and a few of the end users are getting this message on Windows in IE.

There are 2 domains with wildcards mapped to the same location could this be the problem? For me everything works correctly and the correct cert is returned regardless of which domain is used for access.

Eg.

client.domain1.com
client.domain2.com

Both mapped to same location, both domain1 and domain2 have a wildcard. SSL checker reports that both sub domains are presenting the correct cert and everything is installed correctly.

Any ideas?


#2

You should provide a screenshot of the message and the actual domain names in order to help you.


#3

I have an idea to harness the power of ants to generate cryptocurrency…
But that has nothing to do with this forum.

If you fill out the standard questionnaire, maybe we can help you better (and faster).


#4

Here are those questions:

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):


#5

Error message:

image003

Thank you


#6

the image is too small to be of any use.


#7

Apologies - the image was provided to me by the client’s end user and you are right it is too small.

I have squinted and looked at it again - the users are entering www.subdomain.domain and they should not be.

Very sorry - I think this has wasted your time.


#8

Hi @skinnyvin,

As @rg305 said, the image is too smal to see anything but seems that you are using www.whatever.kitmanonline.com and your wildcard certificate doesn’t cover that domain, it only covers third level domains like newry.kitmanonline.com and abcol.kitmanonline.com but neither www.newry.kitmanonline.com nor www.abcol.kitmanonline.com so that seems the problem.

Cheers,
sahsanu


#9

*.kitmanonline.com is a wildcard is it not?


#10

Oh man! I need sleep!!!


#11

You and me both.

Again - apologies, I spotted it when I strained my eyes to read the URI.


#12

Unfortunately, wildcards only match one level.

*.kitmanonline.com matches e.g. abcol.kitmanonline.com but not www.abcol.kitmanonline.com.

You would have to get a certificate for *.abcol.kitmanonline.com or www.abcol.kitmanonline.com.


#13

@skinnyvin, just in case you didn’t know it:

*.kitmanonline.com doesn’t cover kitmanonline.com and *.abcol.kitmanonline.com doesn’t cover abcol.kitmanonline.com so , if you want to cover the base domain you need to add it to the certificate.


#14

These users have been using this system for many years without www. - why that changed today beats me.

:slight_smile:


#15

If there’s a way to do something wrong, users will inevitably find it eventually. :rofl:


#16

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.