Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 8 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 2963 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

The following domains in the HTTPS certificate "" are invalid and have been removed:

ciwan

I'm having an issue with binding my wildcard ssl cert to my web-application under WAF rule i created... ( i created waf rule for each of my websites, not sure if this is a right way to do..)

Added my wildcard cert under System > Certificates.

When I want my website to use https, I am getting this error message.

What am i doing wrong here? 

How did you fix this? 

Thanks



This thread was automatically locked due to age.
Parents
  • +1

    You're using SFOS 17.5 or older, right? Wildcard domain support was added to WAF in SFOS 18.0.

    Check the release notes for SFOS 18.0.

  • 0 in reply to ewadie

    so i wont be able to use wildcard cert with the firmware i have? SFOS 17.5.10 MR-10

  • 0 in reply to ciwan

    ciwan said:

    so i wont be able to use wildcard cert with the firmware i have? SFOS 17.5.10 MR-10

    You can use wildcard certificates but you can't configure wildcard domains. Normal domains will work.
     
    The warning in your other post ("Following domain(s) will not be covered ...") is because the * in a wildcard certificate only covers a single domain name component like portal. You have 2 components: portal.widget-test. But it's just a warning, you can configure this domain regardless. Just click OK.
  • 0 in reply to ewadie

    so my wildcard ssl cert in xg, should cover all my subdomains like it should but just to ignore the error message?

    so if i had a subdomain test.mydomain.com, this error message wouldn't come up? so this message comes up because i have portal.widget-test.mydomain.com ?

Reply
  • 0 in reply to ewadie

    so my wildcard ssl cert in xg, should cover all my subdomains like it should but just to ignore the error message?

    so if i had a subdomain test.mydomain.com, this error message wouldn't come up? so this message comes up because i have portal.widget-test.mydomain.com ?

Children
  • 0 in reply to ciwan

    ciwan said:

    so if i had a subdomain test.mydomain.com, this error message wouldn't come up?

    Correct. The domain test.mydomain.com is covered by a wildcard certificate for *.mydomain.com, so you won't get a warning.

    ciwan said:

    so this message comes up because i have portal.widget-test.mydomain.com ?

    Correct. The domain portal.widget-test.mydomain.com is not covered by a wildcard certificate for *.mydomain.com, so you will get a warning.

    And maybe I should have pointed this out in my previous answer: If you chose to ignore the warning then you will get a warning from your browser when you access portal.widget-test.mydomain.com for exactly the same reason (for example Firefox: "Firefox does not trust this site because it uses a certificate that is not valid for portal.widget-test.mydomain.com").

  • +1 in reply to ewadie

    got ya thanks. So not to use too many dots will fix the issue. instead of portal.widgets-test.mydomain.com should use portalwidgetstest.mydomain.com :)

    appreciated.