Chrome 显示 SSL 无效,但证书有效 [英] Chrome says SSL invalid, but certificate is valid
问题描述
我通过 netlify 创建了一个托管在 www.example.com 的前端.前端对 AWS 上托管的负载均衡器地址进行 API 调用.通过Netlify,我设置了一条A记录,让server.example.com指向负载均衡器.在 Amazon Certificate Manager 中,我通过在 Netlify 中创建 CNAME 记录,成功为 example.com 和 server.example.com 导入了证书.
I created a front-end hosted at www.example.com through netlify. The front-end makes API calls to a load balancer address hosted on AWS. Through Netlify, I set up an A record, so that server.example.com points to the load balancer. In Amazon Certificate Manager, I got certificate imported successfully for example.com and server.example.com by creating CNAME records in Netlify.
然而,当我在浏览器中访问 server.example.com 时,它正确加载了我的 Express Server,但它在浏览器中显示 Not Secure
尽管通过 https 提供服务.它说证书无效.
However, when I visit server.example.com in the browser, it properly loads my Express Server, but it says Not Secure
in the browser despite being served over https. It says the certificate is invalid.
我想知道如何使证书在 server.example.com 上有效 - 任何帮助将不胜感激,因为我已经为此苦苦挣扎了两天.
I'm wondering how to get the certificate to be valid at server.example.com - any help would be much appreciated, as I've struggled with this for two days now.
谢谢!
推荐答案
问题是证书 CN(通用名称)是 drawafterdark.com
并且您正在将它与 server.drawafterdark.com 一起使用.证书有效,但客户端 (Chrome) 将显示证书无效,因为主机名与 CN 不匹配.您必须获得 server.drawafterdark.com
的证书或通配符证书 *.drawafterdark.com
The issue is that the certificate CN (common name) is drawafterdark.com
and you are using it with server.drawafterdark.com. The certificate is valid but client (Chrome) will show that certificate is not valid because hostname doesn't match the CN. You either have to get the certificate for server.drawafterdark.com
or wildcard certficate *.drawafterdark.com
您还可以将 server.drawafterdark.com
添加到 SAN 主题备用名称.然后我们将对 server.drawafterdark.com
和 drawafterdark.com
You can also add server.drawafterdark.com
to the SAN subject alternative name. Then it will we be validate it for both server.drawafterdark.com
and drawafterdark.com
这篇关于Chrome 显示 SSL 无效,但证书有效的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!