Www ssl problem

Hi! I have two domains:

  • .dev purchased in Cloudflare deployed to Vercel
  • .com purchased in Hostinger deployed to Github Pages.

https://mydomain.com is properly redirecting to https://mydomain.dev (set a bulk redirect for this). But I have some issues

  1. https://www.mydomain.com should be redirecting to https://mydomain.dev (according to my bulk redirect) but instead I have an error saying Your connection is not private.
  2. https://www.mydomain.dev is also showing Your connection is not private error.

NET::ERR_CERT_COMMON_NAME_INVALID

When checking the SSL Certificates and Edge certificates I can see that they are activated and both versions (www and non-www) should be covered by the certificate. But I don’t understand why it’s not working as expected. Can you anybody give me a hand with this, please?

Can you give the real domains?

Sure!
https://gonzalonso.com and https://gonzalonso.dev

Your redirection works and your sites resolve ok…
https://cf.sjr.org.uk/tools/check?4aa1ae5a855c4915aa7685cb6ab1b5ec#connection-server-http
https://cf.sjr.org.uk/tools/check?d04237ba6a3a4529bb89b35d54acff98#dns

…and both sites report as secure and load ok in a browser for me. Do you still have a problem?

I can see the redirect from gonzalonso.com redirecting to gonzalonso.dev.
But what do you see when you want to access either www.gonzalonso.com or www.gonzalonso.dev?
www.gonzalonso.com should redirect to .dev but for some reason it’s not doing it. And it, and also www.gonzalonso.dev are showing the NET::ERR_CERT_COMMON_NAME_INVALID error saying that connection is not private. Do you see the same?

Sorry, checked the domains but not the www subdomains…

www.gonzalonso.com is not proxied to traffic is going direct to the server and not through Cloudflare, so redirects on Cloudflare won’t do anything. You’ll need to proxy the record if you want it to redirect using Cloudflare.

The certificate on www.gonzalonso.com is for *.github.io, hence the certificate error.

curl -Ivv https://www.gonzalonso.com
*   Trying 2606:50c0:8000::153:443...
* Connected to www.gonzalonso.com (2606:50c0:8000::153) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=*.github.io
*  start date: Mar 15 00:00:00 2024 GMT
*  expire date: Mar 14 23:59:59 2025 GMT
*  subjectAltName does not match www.gonzalonso.com
* SSL: no alternative certificate subject name matches target host name 'www.gonzalonso.com'
* Closing connection 0
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS alert, close notify (256):
curl: (60) SSL: no alternative certificate subject name matches target host name 'www.gonzalonso.com'
More details here: https://curl.se/docs/sslcerts.html
2 Likes

tbh I have no idea how to solve this… could you give me a hand, please??

You need to switch the www name from :grey: → :orange: so that visitors reach your redirect on Cloudflare.

I did it and solved the issue. Thank you both for your help!

1 Like

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.