Wednesday, November 28, 2018

Let's Discuss About SSL Related Server Error And Their Solutions

Browser warnings-are something that everyone comes across at some point. These warnings are generated to prevent users from an unsecured connection. Without appropriate knowledge, the user tends to ignore these warnings. Without wasting time let’s discuss most common SSL related Server Error and possible solutions.

Common SSL Related Server Error 

  • Server Data Error: Expired certificates are the main cause of almost all the server data errors. Simple solution for such errors is ‘do not let your SSL certificate expire’. It is possible that you have certificates from different Certificate Authorities (CAs). It might be difficult to keep track of each and every issued certificate. To resolve such issues, all you need is a management platform and inventory tool.
Solution:
  • Inventory tool: it will locate all SSL certificates that you have installed and respective CAs who have issued them.
  • You can also use APIs and ACME protocol to keep track of installed SSL certificates.



  • Server name mismatch error: When Comodo Wildcard SSL certificate is installed, it is important to include all sub-domain names along with host domain. You can include ‘within the scope’ or specific domain name. Remember ‘www’ and ‘non-www’ domain versions are not one of the same things. Wildcard error can arise due to oversight or multiple levels of the domain. For example: If you have installed the certificate for *.mysite.com, there are chances that it may not cover ‘example.shop.mysite.com’.

Solution:

  • You have to include both on the certificate or list them under Wildcard SSL certificate.
  • Double check host-name while including it in your certificate.
  • Server Authority Invalid Error: Major browsers have come up with a list of trusted CA’s. If you want to verify the authenticity of your CA, you can look for their name in this list. Also, check whether the certificates of your website are chained to a root. Along with is also check whether it is listed in the browser’s trust list. TheError can occur due to the use of self-signed certificates or government operated roots. The Government operated roots are not listed in Standard trusted store. Use of such roots can lead to warnings.
Solution:

  • Do not use self-signed certificates on the public website
  • Ask your employees to ignore warnings only for internal sites (intranet), not for general browsers.
  • Some CA’s offer non-public roots designed specifically for internal networks.

No comments:

Post a Comment