Something is wrong with my company's website

Something is wrong with my company's website

The tale of the incorrect SSL/TLS certificate.

During some free time on my wonderful vacation to Denver last week, I noticed an error with the SSL certificate on my company's website. Being the company's Information Systems & Security Manager, I should have noticed this earlier.

Low and behold there was an error right on my phone screen....

Frosty Acres SSL/TLS certificate error

Now that I think about it, I may have heard about it from one of our member's Managed Service Provider in an email not too long ago after I told the member that their SPF record was incorrect and their emails were not being delivered successfully. That is another story...

So what really was the issue?

As you can see in the picture above, the warning I received was that the certificate did not match the URL.

So let's take a look at the certificate in more detail...

Frosty Acres SSL Certificate

The certificate was issued to "".

But that looks correct, right?

In a sense, it does. However, the first image was making a request to "" and not "". The browser is looking for the certificate for "".

So how do you fix it?

To fix this issue, you must go back and have a cert reissued for "" with "" as a Certificate Subject Alternative Name.

I should have known this because this is how my SSL certificate is configured on my personal website

Brandons's Cloud SSL Certificate

The certificate for my personal website is issued to and has as an Alternative Name

Since we used a free SSL certificate from LetsEncrpty and our web server is running on a common Linux distribution, I had to run several terminal commands to get Certbot to reissue the certificate. Certbot is a free, open-source software tool for automatically using Let’s Encrypt certificates on manually-administrated websites to enable HTTPS.

Several commands later, I had a valid certificate.

New Certbot Certificate

However, I did manage to break a few things but had my web developer next to me and we quickly got the website back online within a few minutes.

New Frosty Acres SSL certificate

The new certificate looks good and we shouldn't see any issues.

I hope you enjoyed the read. Please feel free to leave any comments.

Did you find this article valuable?

Support Brandon Bowman by becoming a sponsor. Any amount is appreciated!