SSL certificate error with wildcard subdomain @AWS route53 aliased to an ELB

Question

The setup

Route53 record(*.testing.domain.com) linked to an ELB(which uses an Amazon Certificate Manger issued certificate for *.domain.com and domain.com)

The targets of the ELB are running nginx which inturn proxy_passes the incoming requests to a (django)server running on port 80xx (ex: 127.0.0.1:8099).

Note: The nginx server listens to requests on port 80 and 443 and the targets of the ELB are registered on ports 80 and 443.

QUESTION:

I am able to access the following:

http://domain.com
https://domain.com
http://any.subdomain.domain.com

I want to know why I am getting a NET::ERR_CERT_COMMON_NAME_INVALID when I'm trying to access https://any.subdomain.domain.com

Thanks

score 2 · Accepted Answer · answered Mar 29 '18 at 10:28

You need request another certificate for *.subdomain.domain.com

https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html

*.example.com can protect login.example.com and test.example.com, but it cannot protect test.login.example.com. Also note that *.example.com protects only the subdomains of example.com, it does not protect the bare or apex domain (example.com). However, you can request a certificate that protects a bare or apex domain and its subdomains by specifying multiple domain names in your request.

SSL certificate error with wildcard subdomain @AWS route53 aliased to an ELB

The setup

QUESTION:

1 Answers1