Ssl error bad cert domain

Having issues with all my sites:

All have similar issues:
Websites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for (website name). The certificate is only valid for the following names: *.netlify.com, netlify.com

Error code: SSL_ERROR_BAD_CERT_DOMAIN

Unable to communicate securely with peer: requested domain name does not match the server’s certificate.



HTTP Strict Transport Security: false

HTTP Public Key Pinning: false

Hi @kangpeter5! Welcome to netlify community.

I just refreshed all of your sites’ certificates. Can you let us know if things are working better now?

1 Like

@laura Yes that worked. Thank you!

1 Like

Hi @laura I am also receiving SSL_ERROR_BAD_CERT_DOMAIN for robwatts.org, could you please refresh my certificates?

Hi @robertwatts! Just got that cert refreshed for you!

1 Like

Many thanks Laura :smile:

Hey @laura, I am receiving the same issue on my website samuelvierny.com, could you refresh mine too? It has been up for a couple months now, sorry I tried to contact you personally but couldn’t find out how.

Hi, @Samuel-Vierny, I believe this certificate would have auto-renewed in four days (which would have been a week before it was going to expire). I just clicked the renew certificate button here (and you can do this anytime as well):

https://app.netlify.com/sites/serene-hoover-786174/settings/domain#ssl-tls-certificate

This successfully renewed the SSL certificate. If there are other questions or concerns, please let us know.

Hello @luke @laura ,
I seem to be having the exact same issue as the original poster.

The website is insert website here

CHROME: NET::ERR_CERT_COMMON_NAME_INVALID
FIREFOX: SSL_ERROR_BAD_CERT_DOMAIN

Could you please help? Thanks in advance.

Hi @tylercaceres! Welcome to netlify community.

We just got that fixed for you!

Thank you very much @laura
I’m still unable to login using firefox or chrome, however I do see that it is now a ‘secure connection’.

My coworkers are able to login now. I suppose it might just be something wrong with my computer.
Thanks once again @laura for the help. :slight_smile:

@tylercaceres, I have seen some browsers cache SSL certificates. If you continue to get invalid certificate errors after clearing the browser cache, please let us know.

Hi Laura,

I am having an Issue with my SSL for therunningcoder.com as well. Would you be able to Help?

@laura

@laura @lukas1994 , i tried clearing browser cache and still does not work on either firefox or chrome.
Also, safari no longer works anymore. None of my browsers allow me to login with the correct credentials anymore. :fearful:

These are the error messages in console that I am getting for the browsers.

FIREFOX: Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at insert API website here. (Reason: CORS request did not succeed).
CHROME: xhr.js:166 GET insert API website here net::ERR_CERT_REVOKED
SAFARI: Failed to load resource: An SSL error has occurred and a secure connection to the server cannot be made.

@tylercaceres, these errors look like an SSL error at the API endpoint. Also, I don’t think that API endpoint is hosted at Netlify. (If I’m mistaken about this, please let me know.)

If the SSL error is occurring for the API endpoint, please contact the support team where that API is configured. If the API endpoint is at Netlify, what is the URL for the API being used?

If there are other questions about this, we are happy to answer.

Thanks @luke, I will contact the API support team. :slightly_smiling_face:

Hi, @Bobby, and welcome to our Netlify community site.

I believe the issue for therunningcoder.com is that it is configured to use Netlify DNS here:

https://app.netlify.com/account/dns/therunningcoder.com

However, the name server (NS) records for this domain are not configured as required for Netlify DNS. Here is the WHOIS information for this domain (therunningcoder.com):

$ whois therunningcoder.com | grep -i "name server"
   Name Server: NS1.HOSTINGER.COM
   Name Server: NS2.HOSTINGER.COM
   Name Server: NS3.HOSTINGER.COM
   Name Server: NS4.HOSTINGER.COM
Name Server: ns1.hostinger.com
Name Server: ns2.hostinger.com
Name Server: ns3.hostinger.com
Name Server: ns4.hostinger.com

As you can see above, the name servers are not the Netlify controlled name servers mentioned in the DNS configuration panel (the top link in this post).

To resolve this issue and get an SSL certificate, one of two DNS configurations is required (either/or):

Once DNS is configured using one of the two methods above, we will be able to add an SSL certificate for these domain names to this site.

Would you please let us know if there are questions about getting either configuration working? If so, we’ll be happy to answer.

Hi Luke,

Thanks for your response - and so fast to, not to mention after hours.

I thought I did update my name servers on Hostinger but I guess it didn’t take. I just did it again and it looks like they are point to Netlify now. Would you be able to confirm this?

Thanks so much

Bobby

Hi, @Bobby, the answer is “yes”. I do see this domain configured for Netlify DNS now. I also see the SSL certificate was provisioned about 30 minutes after the last reply here.

It should be working now and, if there are other questions, please reply here (or make a new topic) anytime.