0

I have domains likes

  • app.something.com
  • app.uk.something.com

There is no issue when I access https://app.uk.something.com/login or other urls with path behind, it returns the site with correct certificate issued for app.uk.something.com.

However, when I access root, https://app.uk.something.com/, it redirects to https://app.uk.something.com:8443 and gave an error 

This server could not prove that it is app.uk.something.com;
its security certificate is from app.something.com.
This may be caused by a misconfiguration or an attacker intercepting your connection.

When I checked the cert, it uses the one assigned for app.something.com.

I used acme.sh to issue certs.

What I have done
actually, there are other sites like app.us.something.com, they works fine, so for nginx, I just copied their config, replace server_name, cert, key for new one. Everything is working accordingly except the root now.

Kelvin
  • 1
  • 2
  • Hello and welcome Kelvin. This question may be answered on stackoverflow. Please check this question. https://stackoverflow.com/questions/26517238/nginx-using-wrong-ssl-certificate. Regards. – Arani Jan 15 '19 at 07:25
  • 1
    I suspect that, because of the non-default port number 8443 in the URL, that it is not nginx that is configured with an incorrect certificate, but a different application server that runs the app on port 8443. Check the TLS config of that app – HBruijn Jan 15 '19 at 07:42

0 Answers0