Having wildcard(*) SSL certificate in common name (CN) issues? Here’s what you can do about it
Are you having issues with your wildcard SSL certificate, or have you seen a message akin to “WILDCARD(*) SSL CERTIFICATE IN COMMON NAME (CN)?” The second half of this question is actually a fairly misleading one because it’s a hyper-specific error that is really just a variant of a more common wildcard SSL error. So, if you have a wildcard SSL certificate installed on your server and you’re running into this issue, keep reading.
An In-Depth Look at Why a Wildcard SSL Certificate Causes a Domain Mismatch Error on a Second Level Subdomain
We know, you’re here because your wildcard SSL is not working on a second level subdomain for some reason. To help you understand why, we first need to tell you a bit about wildcard SSL certificates and what they do and don’t secure. The digital certificate industry is, at times, needlessly opaque about what its products actually do. The wildcard is one of the biggest offenders. It’s often marketed as securing “unlimited subdomains.” And that’s partially true — with one important caveat:
Troubleshooting a common SSL certificate error
One of the more frustrating aspects of web browsers and the errors they generate is that they all generally use different nomenclature. While Chrome and Opera tend to operate on the same plane, Safari, Firefox and Microsoft Edge all do their own thing. Case in point, let’s consider the error code SEC_ERROR_UNKNOWN_ISSUER in Firefox.