I’d like to first point out that I’m new to SSL certs in every way. Here’s my setup:
Server A (Server 2008 R2, IIS v7.5)I used LetsEncrypt-win-simple v1.9.3 to generate/install an SSL cert for my site: tango.adambohil.com. Everything went smoothly and I was able to access https://tango.adambohil.com without any issues (site has since been taken down). I then decided to experiment with a couple sites on an SNI-compatible version of IIS and spun up the VM below.
Server B (Server 2012 R2, IIS v8.5)I created two sites on this server -- alpha.adambohil.com and bravo.adambohil.com. I was able to reach the non-secure/http versions of each of these sites. I then used Win-Acme v1.9.10 (formerly LetsEncrypt-Win-Simple) to generate/install certs.
However, when I try to visit the secure/https sites, I get the following errors:
- IE: This site is not secure. This might mean that someone’s trying to fool you or steal any info you send to the server. You should close this site immediately. The hostname in the website’s security certificate differs from the website you are trying to visit. Error Code: DLG_FLAGS_SEC_CERT_CN_INVALID
- Firefox: Your connection is not secure. The owner of alpha.adambohil.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
Chrome: Your connection is not private. Attackers might be trying to steal your information from alpha.adambohil.com (for example, passwords, messages, or credit cards). NET::ERR_CERT_COMMON_NAME_INVALID
*** Additionally, Chrome shows: “This server could not prove that it is alpha.adambohil.com; its security certificate is from tango.adambohil.com. This may be caused by a misconfiguration or an attacker intercepting your connection.”
When I look at the certs on Server B (in IIS and in Local Certificates > Web Hosting folder) the certs have the appropriate names.
What am I missing? I’d really appreciate a point in the right direction. Please let me know if I can provide any additional information.