SSL:证书与名称不符(Cloudflare)

时间:2017-06-23 13:18:35

标签: ssl nginx ssl-certificate reverse-proxy cloudflare

我正在运行此docker以及此配置,以使用cloudfare作为CDN来获得更好的对等,主要用于Plex流。

https://hub.docker.com/r/linuxserver/letsencrypt/

https://github.com/toomuchio/plex-nginx-reverseproxy

直到昨天,当Chrome开始发出此错误时,一切正常:

NET::ERR_CERT_COMMON_NAME_INVALID
Subject: sni220824.cloudflaressl.com
Issuer: COMODO ECC Domain Validation Secure Server CA 2

digicert.com说:

Common Name = sni220824.cloudflaressl.com
Subject Alternative Names = sni220824.cloudflaressl.com, *.aomenlanguifangyuleguibinting.com, *.attractivestrangers.com, *.avrost.cf, *.batrot.tk, *.bytes-os.com, *.cockheyt.nl, *.everythingfixixf.cf, *.fixkitty.tk, *.fixparties.gq, *.glenniest.com, *.hdwallpaperxd.com, *.ipricecat.press, *.planerost.cf, *.pmudlead.cf, *.protoncleaning.com.au, *.resnl.nl, *.rostspy.tk, *.rotplane.ga, *.shopzero.xyz, *.skillreview.com, *.uncuriosolugar.com, aomenlanguifangyuleguibinting.com, attractivestrangers.com, avrost.cf, batrot.tk, bytes-os.com, cockheyt.nl, everythingfixixf.cf, fixkitty.tk, fixparties.gq, glenniest.com, hdwallpaperxd.com, ipricecat.press, planerost.cf, pmudlead.cf, protoncleaning.com.au, resnl.nl, rostspy.tk, rotplane.ga, shopzero.xyz, skillreview.com, uncuriosolugar.com
Issuer = COMODO ECC Domain Validation Secure Server CA 2
Serial Number = 5B8918EF9DBF934021332123CC361CAF
SHA1 Thumbprint = 366A770128B3BD5ACEA675AB1D945DB8365DFDDA
Key Length = 256
Signature algorithm = SHA256 + ECC (excellent)
Secure Renegotiation: Supported
...

Certificate does not match name mydomain.org
docker控制台中的“certbot certificates”告诉我:

root@b03e5d07fcdb:/$ certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Found the following certs:
  Certificate Name: mydomain.org
    Domains: mydomain.org plex.mydomain.org www.mydomain.org
    Expiry Date: 2017-09-21 00:07:00+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/mydomain.org/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/mydomain.org/privkey.pem
-------------------------------------------------------------------------------

Cloudflare SSL设置为Full,现在我已将其设置为Full(严格)。

我是一个新手,所以我有点失落,我的谷歌也没有帮助。

编辑:Aaand一切正常。为什么?我不知道。

我的域名列在digicert和所有反向代理上,plex.mydomain.org正常工作。

2 个答案:

答案 0 :(得分:0)

这通常发生在为一个域而不是整个网站协议设置SSL证书时。例如,您已激活SSL,例如,在www.example.com上会出现错误,我建议您做的是联系您的主机,将没有SSL的URL重定向到使用SSL的URL。另一种方法是购买域名www或非www。

的所有协议的SSL证书

答案 1 :(得分:0)

Aaand一切正常。为什么?我不知道。昨晚我尝试了很多东西,最终放弃了。

我的域名列在digicert和所有反向代理上,plex.mydomain.org正常工作。

相关问题
最新问题