Ssl certificate problem
ssl certificate problem - SSL is something that everyone uses, but
dealing with it is a rare occasion. SSL technology does everything for
itself and hardly is there a need of a human involvement of any kind in a
day-to-day affair. This naturally creates confusion when a problem
arises. Here, I have tried to help SSL users with the few ailments that
they often become a victim of.
SSL scuffle: This happens when you accidentally find out that your SSL
Certificate has expired only after being informed on quite a few SSL
errors as complained from the customers. I would say what makes this
happen is the negligence and carelessness. You clearly receive the date
of expiration on your SSL Certificate that gets back from the CA.
Reminder emails can be filled and forgotten or may go unnoticed in the
absence of a concerned person. The best you can do is to put your SSL's
expiry date in a personal space such as your Outlook or Google calendar.
Domain name mismatch: The nature of the problem is associated with
whether your site shows up as "sitename.com" or
"http://www.sitename.com". The problem is not with the opening of the
site with punching in a URL "http://www.sitename.com" for a domain
that's registered as "sitename.com" as you get an automatic HTTP 301
redirect to "sitename.com," but the domain name consistency is needed
for the functioning of your SSL Certificate. If you have taken your SSL
Certificate for "http://www.sitename.com" and you link to
"sitename.com," SSL Certificate will not recognize it as the correct
domain, except a Wildcard Certificate, and you will get an SSL warning.
To avoid this from happening, make sure that you pick the fully
qualified domain name in the field "common-name" while applying for an
SSL.
Intermediate SSL Certificates: This is the perhaps the biggest
confusion. It is a necessity now with most CAs to use the intermediate
SSL Certificates. These are responsible for protecting your root CA key
and also allow companies that have not gotten their root certificates
into your browser to sell SSL Certificates. Well, each certificate
authority may have several different intermediate certificates and you
need to pick the right one. In order to make sure that you do this, test
it using a validation tool from your certificate authority vendor.