User SSL randomly falls-back to Server Certificate.

Manie

Verified User
Joined
Jul 18, 2006
Messages
124
Location
Utrecht / Netherlands
Hi all,

I currently run in the following problem.
My company has a wildcard SSL certificate.

This is installed on DirectAdmin, Exim and the default webroot used for webmail/phpmyadmin.
- This works all fine.

I have SNI enabled.

I have a user running it's own certificate for a particular domain. This works without issues.

I rung OpenSSL 1.0.1 and Centos 6.8 Final.

Now I have a second user wanting to use SSL.
- When going to the domain the correct certificate is loaded and I get the green https:// in the address bar.
However after refreshing chrome let's say 10 times eventually I end up:

Your connection is not private
Attackers might be trying to steal your information from www.DOMAIN (for example, passwords, messages, or credit cards). NET::ERR_CERT_COMMON_NAME_INVALID


It seems the server is using the server certificate (I see my wildcard certificate is retrieved by the browser.)

What could be forcing this kind of behavior?

Thanks for any insights in the issue!

Regards,
Armand
 
Hello,

Try to

1. update apache or nginx (depending on what is used).
2. force restart apache or nginx (depending on what is used) with kill -9.
 
Back
Top