Hello All,
I generated the certificate for https://bloombench.com/ and the page loads without any HTTPS error but when I try to open it by the ip address (https://52.77.178.151/) - it gives a NET::ERR_CERT_COMMON_NAME_INVALID error. Is it because the reverse DNS entries are not added ?
I also generated a separate certificate for ecs2.bloombench.com (its just a machine with no web server).
That's not how it works. The cert must match the literal name that the client chose to use. So even if you have CNAMEs pointing around, the cert must contain the name that the client initially chose, not a name that appears after following a CNAME or reverse resolving the IP address.
Simply don't use the IP address directly. Why do you do that anyway?