ssl certificate problem
Ssl certificate problem
ssl certificate problem - SSL is something that everyone uses, but dealing with it is a rare occasion. SSL technology does everything for itself and hardly is there a need of a human involvement of any kind in a day-to-day affair. This naturally creates confusion when a problem arises. Here, I have tried to help SSL users with the few ailments that they often become a victim of.
SSL scuffle: This happens when you accidentally find out that your SSL Certificate has expired only after being informed on quite a few SSL errors as complained from the customers. I would say what makes this happen is the negligence and carelessness. You clearly receive the date of expiration on your SSL Certificate that gets back from the CA. Reminder emails can be filled and forgotten or may go unnoticed in the absence of a concerned person. The best you can do is to put your SSL's expiry date in a personal space such as your Outlook or Google calendar.
Domain name mismatch: The nature of the problem is associated with whether your site shows up as "sitename.com" or "http://www.sitename.com". The problem is not with the opening of the site with punching in a URL "http://www.sitename.com" for a domain that's registered as "sitename.com" as you get an automatic HTTP 301 redirect to "sitename.com," but the domain name consistency is needed for the functioning of your SSL Certificate. If you have taken your SSL Certificate for "http://www.sitename.com" and you link to "sitename.com," SSL Certificate will not recognize it as the correct domain, except a Wildcard Certificate, and you will get an SSL warning. To avoid this from happening, make sure that you pick the fully qualified domain name in the field "common-name" while applying for an SSL.
Intermediate SSL Certificates: This is the perhaps the biggest confusion. It is a necessity now with most CAs to use the intermediate SSL Certificates. These are responsible for protecting your root CA key and also allow companies that have not gotten their root certificates into your browser to sell SSL Certificates. Well, each certificate authority may have several different intermediate certificates and you need to pick the right one. In order to make sure that you do this, test it using a validation tool from your certificate authority vendor.
ssl certificate problem - SSL is something that everyone uses, but dealing with it is a rare occasion. SSL technology does everything for itself and hardly is there a need of a human involvement of any kind in a day-to-day affair. This naturally creates confusion when a problem arises. Here, I have tried to help SSL users with the few ailments that they often become a victim of.
SSL scuffle: This happens when you accidentally find out that your SSL Certificate has expired only after being informed on quite a few SSL errors as complained from the customers. I would say what makes this happen is the negligence and carelessness. You clearly receive the date of expiration on your SSL Certificate that gets back from the CA. Reminder emails can be filled and forgotten or may go unnoticed in the absence of a concerned person. The best you can do is to put your SSL's expiry date in a personal space such as your Outlook or Google calendar.
Domain name mismatch: The nature of the problem is associated with whether your site shows up as "sitename.com" or "http://www.sitename.com". The problem is not with the opening of the site with punching in a URL "http://www.sitename.com" for a domain that's registered as "sitename.com" as you get an automatic HTTP 301 redirect to "sitename.com," but the domain name consistency is needed for the functioning of your SSL Certificate. If you have taken your SSL Certificate for "http://www.sitename.com" and you link to "sitename.com," SSL Certificate will not recognize it as the correct domain, except a Wildcard Certificate, and you will get an SSL warning. To avoid this from happening, make sure that you pick the fully qualified domain name in the field "common-name" while applying for an SSL.
Intermediate SSL Certificates: This is the perhaps the biggest confusion. It is a necessity now with most CAs to use the intermediate SSL Certificates. These are responsible for protecting your root CA key and also allow companies that have not gotten their root certificates into your browser to sell SSL Certificates. Well, each certificate authority may have several different intermediate certificates and you need to pick the right one. In order to make sure that you do this, test it using a validation tool from your certificate authority vendor.
