Question : SSL Cert only works for "somedomainname.com" and not "<a rel="nofollow" href="http://www.somedomainname.com" target="_blank">www.somedomainname.com</a>"

I have a web site that requires an SSL certificate for any and all access to it. When I registered the SSL certificate, I inadvertently registered it for "mydomainname.com" and not "www.mydomainname.com"; even if I had, though, I'd still have the same problem, only in reverse (I think)

What is happening is that users of the web site receive an error if they go to "https://www.mydomainname.com" rather than "https://mydomainname.com". I was wondering what the best solution to my situation is (without buying two certs, if possible!). I didn't know if there was code I could write, but my question would be if my code would run before the browser would identify the SSL cert issue... can I redirect at the server level before the browser error?

The site is an ASP.NET 2.0 (with AJAX 3.5 extensions) running on IIS 6 in Windows Server 2003.

Thank you in advance!

Answer : SSL Cert only works for "somedomainname.com" and not "<a rel="nofollow" href="http://www.somedomainname.com" target="_blank">www.somedomainname.com</a>"

Normally you issue a certificate for the exact site name. you should have issued it to www.domain.com instead. For another site, e.g. www2.domain.com, you would need another certificate issued to that specific site. As mentioned above, if you are looking for one certificate to cover multiple site names, then you would typically want a wildcard certificate (*.domain.com). Antoher alternative, particularily for OWA/exchange or for just a couple of servers, you might consider a UC Certificate (multi-domain cert).

Many times, to avoid your issue, the CA will issue to the given name (site.mydomain.com) and also add a Subject Alternative Name for the www (www.site.mydomain.com). Sounds like where you got it from does not do that.

Probably the easiest way to handle this would be to just contact the company that issued the cert and ask them to issue a replacement issued to the correct name. Pretty much all of them (I haven't heard of any that don't) will issue a free replacement certificate within a 2 weeks, up to a month for some. See if they can just use the same CSR or you may need to create a new one, but ask if they can issue it to domain.com and add www.domain.com as a SAN value. Since it is top-level (no site name), they might have a policy against that, but I would expect a quick conversation as you probably aren't the first person to ask. As long as domain.com and www.domain.com as hosted on the same box and provide the same content, they probably won't have issue with it.

Random Solutions

Windows XP will not load any network cards

not recieving mail

DNS problem - internal random host names resolve to our external website address

Providing support for etrn on a Sendmail server that will handle mail for an Exchange server

Cisco ASA 5200 - Subinterfaces with VLAN's. Problem getting VLANS to communicate with one another.

Server cannot see workstations in My Network places

LDAP / AD config on InstaGate Pro

Building ASterisk RPM

Lynksys wirelss network card not connecting.

Exchange 2003 Redundancy/Replication