Cloudflare has observed issuance of the following certificate for theholidaystory.com or one of its subdomains:
Log date: 2021-11-17 03:12:03 UTC
Issuer: CN=R3,O=Let’s Encrypt,C=US
Validity: 2021-11-17 02:12:02 UTC - 2022-02-15 02:12:01 UTC
I get this message every day. But unable to find subdomains. Please help me to find
There’s no “DNS Names” after this line?
sandro
November 17, 2021, 7:29am
#4
You currently have a security issue.
Unencrypted & unverified connections
Imagine you open Paypal and suddenly get that warning
[image]
Would you continue? Probably not. For decades leaders in IT security have advocated that people upgrade their sites from unencrypted HTTP to secure HTTPS. And for a reason, everything you send via an HTTP connection is sent in plain text and can be intercepted at any point between you and the server.
Equally, you’d probably not proceed if you got such a warning, right?
[image]
That’s when th…
1 Like
I am unable to understand your point.
1 Like
Please guide me what to do.
sdayman
November 17, 2021, 2:11pm
#7
Subdomains are covered by the * in that first hostname.
cs-cf
November 17, 2021, 2:15pm
#8
Doesn’t sound like there’s an issue, instead it sounds like you may have subscribned to Cloudflare’s certificate transparency monitoring. https://blog.cloudflare.com/introducing-certificate-transparency-monitoring/
I don’t have any running subdomain. That is why I create this ticket. Need to find why the certificate is issued and where it is used. your kind cooperation is needed.
michael
November 17, 2021, 3:16pm
#10
As @cs-cf said, it looks like you subscribed to Cloudflares CT monitoring.
You can see the certificates issued for your domain here:
https://crt.sh/?Identity=+theholidaystory.com&exclude=expired
You should investigate who is issuing those certs on your behalf. It could be your hosting provider, who is ensuring you have a valid certificate on your Origin. (This would enable you to ensure you can set the SSL Mode to Full Strict, if that is not already the case).
sdayman
November 17, 2021, 3:17pm
#11
It turns out that you do. ‘www’ counts as a subdomain, and that’s the URL your site uses.
1 Like
Thank you Mr Michale for the link.
I don’t think my provider is doing this. Last time my site was attacked with a virus and created a subdomain automatically. The problem was solved at that time. That is why I am a little scared about this case.
sandro
November 17, 2021, 3:47pm
#13
As for that I can really point to the article again.
Dear Sandro
If I am that technically sound, then I don’t come here and seeking for help.
system
closed
December 2, 2021, 5:16pm
#15
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.