Question : SSL Cert only works for "somedomainname.com" and not "<a rel="nofollow" href="http://www.somedomainname.com" target="_blank">www.somedomainname.com</a>"

I have a web site that requires an SSL certificate for any and all access to it. When I registered the SSL certificate, I inadvertently registered it for "mydomainname.com" and not "www.mydomainname.com"; even if I had, though, I'd still have the same problem, only in reverse (I think)

What is happening is that users of the web site receive an error if they go to "https://www.mydomainname.com" rather than "https://mydomainname.com". I was wondering what the best solution to my situation is (without buying two certs, if possible!). I didn't know if there was code I could write, but my question would be if my code would run before the browser would identify the SSL cert issue... can I redirect at the server level before the browser error?

The site is an ASP.NET 2.0 (with AJAX 3.5 extensions) running on IIS 6 in Windows Server 2003.

Thank you in advance!

Answer : SSL Cert only works for "somedomainname.com" and not "<a rel="nofollow" href="http://www.somedomainname.com" target="_blank">www.somedomainname.com</a>"

Normally you issue a certificate for the exact site name. you should have issued it to www.domain.com instead. For another site, e.g. www2.domain.com, you would need another certificate issued to that specific site. As mentioned above, if you are looking for one certificate to cover multiple site names, then you would typically want a wildcard certificate (*.domain.com). Antoher alternative, particularily for OWA/exchange or for just a couple of servers, you might consider a UC Certificate (multi-domain cert).

Many times, to avoid your issue, the CA will issue to the given name (site.mydomain.com) and also add a Subject Alternative Name for the www (www.site.mydomain.com). Sounds like where you got it from does not do that.

Probably the easiest way to handle this would be to just contact the company that issued the cert and ask them to issue a replacement issued to the correct name. Pretty much all of them (I haven't heard of any that don't) will issue a free replacement certificate within a 2 weeks, up to a month for some. See if they can just use the same CSR or you may need to create a new one, but ask if they can issue it to domain.com and add www.domain.com as a SAN value. Since it is top-level (no site name), they might have a policy against that, but I would expect a quick conversation as you probably aren't the first person to ask. As long as domain.com and www.domain.com as hosted on the same box and provide the same content, they probably won't have issue with it.

Random Solutions

DNS Round robin Server 2003

Understanding Routing and Routers

com.crystaldecisions.sdk.o<wbr />cca.report<wbr />.lib.Repor<wbr />tSDKServer<wbr />Exception:<wbr /> There is no server specified.---- Error code:-2147217390 Error code name:serverNotFound

New Mail Server having issues sending mail to Hotmail,Yahoo

Q about adding extra wireless access point to wireless router via ethernet.

Sporadic LAN Disconnects

Windows Live Hotmail server has exceeded the rate limit allowed

The list of servers for this workgroup is not currently available

Extraneous Logging in Asterisk How to Stop

Difference between Auto Detect and Auto-negotiate 1000Mbps