Forum Discussion

Muhannad_64809's avatar
Muhannad_64809
Icon for Nimbostratus rankNimbostratus
Jan 29, 2018

None of the common names in the certificate match the name that was entered in the URL.

Dears,

 

I am facing an issue with F5 LTM as follows:

 

I am using a Certificate with a common name is example.test.gov.xx for URL echo.gov.com, the certificate is generated by SSL.com so it is a trusted one but i am having an issue coz the common name not match the URL name, please check the error below:

 

((None of the common names in the certificate match the name that was entered (echo.gov.xx). You may receive an error when accessing this site in a web browser)).

 

Also the SAN of the certificate don't match the URL name, please check below:

 

Common name: example.test.gov.xx SANs: example.test.gov.xx , AutoDiscover.test.gov.xx Valid from July 31, 2017 to September 20, 2018 Serial Number: xxxx Signature Algorithm: sha256WithRSAEncryption Issuer: SSL.com DV CA

 

I am searching for a workaround to solve the issue, noting that i tried to specify the server name in the SSL-Profile to be *.gov.xx and echo.gov.xx but this didn't solve the issue.

 

Please note that i don't get the certificate error if the traffic redirected to the server directly which using the same certificate.

 

Please let me know if i have any workarounds that can help.

 

Regards, Muhannad

 

application delivery
LTM

1 Reply

Sort By
  • Kai_Wilke's avatar
    Kai_Wilke
    Icon for MVP rankMVP
    Jan 29, 2018

    Hi Muhannad,

     

    there is unfortunately no "SSL-Profile" workaround/hack available for a mismatching CNAME error within the Browser.

     

    You have to make sure that the URL the user enters matches either the CNAME oder SAN value of your certificate. This can be achive by adding for each site a unique entry (aka. SAN entries) or by using a wildcard entry which is able to cover multiple HOST-names within the same DNS domain (aka. *.domain.com).

     

    Cheers, Kai