Qualys SSL Server Test - Certificate #2

answered
#1

When testing my website, a second certificate (Certificate #2) shows up in the test report:


Certificate #2: RSA 2048 bits (SHA256withRSA) / No SNI

Alternative names: *.netlify.com netlify.com / MISMATCH

Trusted: No / NOT TRUSTED / Mozilla Apple Android Java Windows

What does this mean? Is there a reason for concern?

#2

Hi there @tmoberg, can you share the URL that you tested? Without that we can’t really debug. Thanks!

#3

Sorry, I forgot that. Here it is:

https://thingsof.org

#4

I think it’s for the Netlify subdomain that is given by default. (XXX.netlify.com)

#5

Yup, @ylemkimon, the default certificate does cover the default netlify subdomains.