-3

I have bought a wild-card certificate for *.helloworld.com in "Godaddy" and had tried to use it in "2.2.2.2" that is in digital ocean which has my apache installed, ssl configured based on the above certificate.

On trying to run the "https://2.2.2.2", i received the following error:

"2.2.2.2" uses an invalid security certificate.

The certificate is only valid for the following names:
 *.helloworld.com, helloworld.com

 (Error code: ssl_error_bad_cert_domain)

To overcome this issue, i had tried to do a forward with masking in "godaddy" for "x.helloworld.com" which is pointing to "https://2.2.2.2".

Still, i am facing the Error code: ssl_error_bad_cert_domain.

I am interested in having a clear understanding of my issue. Kindly Someone help me by providing your views on this issue. Thanks in advance.

Ganeshan
  • 1
  • 1
    Possible duplicate of [SSL certificate for a public IP address?](http://serverfault.com/questions/193775/ssl-certificate-for-a-public-ip-address) – kasperd Dec 23 '15 at 12:04

1 Answers1

3

Certificates are checked against the exact domain name you are using to access a web site regardless of the site ownership/other configuration settings. https://2.2.2.2 does not match the pattern *.helloworld.com or helloworld.com so you get the error if you access using that URL (even if a helloworld.com domain happens to resolve to 2.2.2.2).

If you configure DNS properly for helloworld.com you will be able to add a hostname (A) record for whatever.helloworld.com that you point at 2.2.2.2. Then access the site via that hostname instead of the IP and you should not see certificate errors.

Am I missing something - is there a particular reason you have to use the IP address and cannot set up a DNS name?

Mintra
  • 531
  • 3
  • 7