Why would I get an SSL error with my .page.dev site—but only on some devices/browsers?

Answer these questions to help the Community help you with Security questions.

What is the domain name?

https://aryse-website-n3.pages.dev

Have you searched for an answer?

Yes. A lot.

Please share your search results url:

GoDaddy support chat (when I get the error it is a GoDaddy certificate).
https://maulwuff.de/research/ssl-debugging.html

When you tested your domain, what were the results?

I found this script on GitHub: https://github.com/noxxi/p5-ssl-tools/blob/master/analyze-ssl.pl

I ran it and got this result:

./analyze-ssl.pl --show-chain aryse-website-n3.sites.dev
-- aryse-website-n3.sites.dev port 443
 * maximum SSL version  : TLSv1_3 (SSLv23)
 * supported SSL versions with handshake used and preferred cipher(s):
   * handshake protocols ciphers
   * SSLv23    TLSv1_3   AEAD-AES256-GCM-SHA384
   * TLSv1_2   TLSv1_2   ECDHE-RSA-AES128-GCM-SHA256
   * TLSv1_1   FAILED: SSL connect attempt failed because of handshake problems error:1400442E:SSL routines:CONNECT_CR_SRVR_HELLO:tlsv1 alert protocol version 
   * TLSv1     FAILED: SSL connect attempt failed because of handshake problems error:1400442E:SSL routines:CONNECT_CR_SRVR_HELLO:tlsv1 alert protocol version 
 * cipher order by      : server
 * SNI supported        : SSL upgrade fails without SNI
 * certificate verified : name-mismatch
 * chain on 3.64.163.50
   * [0/0] bits=2048, ocsp_uri=http://ocsp.godaddy.com/, /CN=dan.com SAN=DNS:undeveloped.com,DNS:undeveloped.es,DNS:undeveloped.cn,DNS:undeveloped.uk,DNS:undeveloped.eu,DNS:undeveloped.us,DNS:undeveloped.nl,DNS:undeveloped.be,DNS:undeveloped.co.uk,DNS:undeveloped.domains,DNS:dan.com,DNS:www.dan.com,DNS:undeveloped.fr,DNS:undeveloped.nu
   * [1/1] bits=2048, ocsp_uri=http://ocsp.godaddy.com/, /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
   * [2/2] bits=2048, ocsp_uri=, /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./CN=Go Daddy Root Certificate Authority - G2

Describe the issue you are having:

On some devices/browsers I can access my site with no problems, but on others I get an SSL error like this:

image1920×1032 43.7 KB

What error message or number are you receiving?

ERR_CERT_COMMON_NAME_INVALID

What steps have you taken to resolve the issue?

1. Try to contact Cloudflare, then realize I can’t because I have a free tier account.
2. Try GoDaddy instead, since the certificate is from them.
3. Get told to try Cloudflare. Since I can’t contact them I guess my only option is to try the community.

Was the site working with SSL prior to adding it to Cloudflare?

I never ran this site anywhere other than on Cloudflare at the .pages.dev domain.

What are the steps to reproduce the error:

1. Go to the URL. See if it works in your browser. If it doesn’t, then you’re already done.
2. If the site does work, then I found that you should be able to reproduce it with the script I shared above.
3. Run ./analyze-ssl.pl --show-chain aryse-website-n3.sites.dev.

Have you tried from another browser and/or incognito mode?

Yes. I also tried clearing all browser data and flushing my DNS cache.

Please attach a screenshot of the error:

Screenshot already attached above.

Were you able to resolve this @aaron.beaudoin?

In this example you are using sites.dev rather than pages.dev.

Cloudflare only controls pages.dev and not sites.dev. This other domain seems to have a wildcard DNS record which is serving a static Godaddy certificate.

Can you confirm that it works when you try to access the pages.dev URL instead?

Wow—that’s embarrassing. I spent a whole morning on this and I just had incorrectly written sites instead of pages. Thanks so much, that was definitely the problem.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.