Getting net::ERR_CERT_COMMON_NAME_INVALID when accessing AWS ALB

0
votes

I am trying to access my AWS Application Load Balancer(ALB) but I am getting a net::ERR_CERT_COMMON_NAME_INVALID instead.

Current Scenario:

  • ALB has an HTTPS:443 listener (only one listener is present) with an SSL Certificate provided for my domain example.com & *.example.com.

I would be more than happy to provide any further details required to support my query.

Thanks in advance.

1
amazon-web-servicesamazon-ec2amazon-elbaws-application-load-balancer
Are you accessing it via one of the hostnames valid in the SSL? - Chris Williams
So my domain name is https://example.com, it's entry is present in the certificate as example.com and *.example.com. When I try to access https://example.com/articles which makes a call to my ALB https://alburl/getArticle, I get the net::ERR_CERT_COMMON_NAME_INVALID error on console. - Rahul Sharma
Does it work on just example.com? - Chris Williams
So my example.com is a static page that is configured by Cloudflare SSL. Its doesn't access my ALB. only /article does - Rahul Sharma
What happens if you try to resolve your domain via the Load Balancer directly instead of CloudFlare? - Chris Williams

1 Answers

1
votes

This comes down to one of the following scenarios:

  • The SSL certificate attached to the load balancer does not include the domain you're expecting it to. For wildcards remember that *.example.com will only cover a single level subdomain such as www.example.com not secondary levels such as beta.www.example.com.
  • The domain you're accessing with the browser is not supported on the SSL, you need to ensure the SSL is valid for that domain only (if it redirects to another domain or you're trying to access via the load balancer domain name it will not be valid).

You should be able to get some more information about the error by running the below.

curl -i -v https://example.com