IIS 7 and Above
Post SSL Cert setup redirecting to wrong certificate, requiring port...
Last post Apr 10, 2020 09:40 AM by Jalpa Panchal
Apr 07, 2020 04:57 PM|MANollette|LINK
Going to try my best to be helpful with the description here, despite having little experience with IIS myself and not being the one to set up our SSL certificate, I've been tasked with figuring out why it won't work.
We have two SSL certificates set up - one for our company website, Company.com, and one for our web applications, with utilizes CN cmpsft.online. Two of our web applications - we'll say app2 and app3 - work fine. We utilize cmpsft.online:8443/app2 and cmpsft.online:8443/app3.
The third, app1, doesn't function. When we initially go to URL cmpsft.online:8443/app3, it will send us to the site successfully, but navigating to any page of the app contained in a sub-folder in our directory gives us a 'common name invalid' error and says
"This server could not prove that it is cmpsft.online; its security certificate is from www.company.com." (our main company site certificate). Additionally, when navigating to these pages, it attempts to send the user to (for
example) https://cmpsft.online/app1/subfolder/subfolder2/page.asp. However if I manually input the port and change it to https://cmpsft.online:8443/app1/subfolder/subfolder2/page.asp, the page will pull up successfully.
All 3 web applications are under the 'default website' category in IIS. Behavior protocols are set to HTTPS, and everything is as it should be as far as I can tell (though as I've mentioned, I'm no expert here). I'd really appreciate any direction anyone
here can give me.
Apr 08, 2020 07:32 AM|Jalpa Panchal|LINK
A common name mismatch error occurs when the common name or SAN of your SSL/TLS Certificate does not match the domain or address bar in the browser. This can happen simply by visiting https://domain.com instead of https://www.domain.com if the certificate
does not have them both listed in the SAN of the certificate.
You could refer this below link:
Apr 08, 2020 05:17 PM|MANollette|LINK
Unfortunately, applying the 'www' prefix doesn't load the page at all, and the issue was without it to begin with.
Apr 10, 2020 09:40 AM|Jalpa Panchal|LINK
could you share your certificate and binding snapshots?
do not forget to remove the sensitive information from the snapshot.