SSL Certificate with Wrong Hostname

Question

SSL Certificate with Wrong Hostname The SSL certificate for this service is for a different host. The commonName (CN) of the SSL certificate presented on this service is for a different machine. Purchase or generate a proper certificate for this service

solution provided on other sites : "Purchase or generate a proper certificate for this service."

What is the proper solution to go away for this vulnerability from linux machines and how to implement the solution ?

simon_blakely · Answer

&gt; solution provided on other sites : "Purchase or generate a proper certificate for this service."&nbsp;This is the correct answer - you need to update your certificate with the appropriate CN name or Subject Alternative Name (SAN).&nbsp;When someone connects to your website over SSL/TLS, you send them a certificate.  They compare the domain name they were connecting to (www.yoursite.com) to the CN and SAN of the presented certificate. If there is no match, their browser shows the warning.&nbsp;With an LTM and a vs with a client-ssl profile and server-ssl profile, you can present the correct certificate from the virtual server, and you do not need to ensure that all the pool members have the correct certificate.&nbsp;But you do need to have the matching certificate on your virtual server.&nbsp;You will need to create a new Certificate Signing Request (CSR) for your Certificate Authority, and update the certificate.

Forum Discussion

SSL Certificate with Wrong Hostname

1 Reply

Recent Discussions

F5 loadbalancer not working

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

import live updates from version x to version y

Related Content

Re: Management Certificate

F5 BIGIP showing wrong time

Automate Let's Encrypt Certificates on BIG-IP

Automating ACMEv2 Certificate Management on BIG-IP

My Security+ Certification Journey