在基于Chrome的浏览器上,ERR_CERT_COMMON_NAME_INVALID

分享于 

2分钟阅读

互联网

  繁體

问题:

尝试在基于Chrome的浏览器上登录我的网站(pvapp.umwelt-campus.de/user/loghin)时出现错误:

POST net::ERR_CERT_COMMON_NAME_INVALID

这是后端的IP和端口。

在Firefox上工作正常,我通过certbot安装证书,相应Nginx设置如下所示:


server {


 listen 80;


 server_name pvapp.umwelt-campus.de;


 return 302 https://$server_name$request_uri;


}



server{


 # SSL configuration


 listen 443 ssl default_server;


 listen [::]:443 ssl default_server;


 add_header 'Access-Control-Allow-Origin' '*';


 add_header 'Access-Control-Allow-Credentials' 'true';


 add_header 'Access-Control-Allow-Headers' 'Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';


 add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE,PATCH';



 ssl_certificate /etc/letsencrypt/live/pvapp.umwelt-campus.de/cert.pem;


 ssl_certificate_key /etc/letsencrypt/live/pvapp.umwelt-campus.de/privkey.pem;


 ...

我还在后端添加了https (在https://143.93.46.35:60702运行),如下所示:


https.createServer({


 key: fs.readFileSync('/etc/letsencrypt/live/pvapp.umwelt-campus.de/privkey.pem', 'utf8'),


 cert: fs.readFileSync('/etc/letsencrypt/live/pvapp.umwelt-campus.de/cert.pem', 'utf8')


 }, app)


 .listen(nconf.get('port'), function() {


 console.log(`App listening on port ${nconf.get('port')}! Go to https://143.93.46.35:${nconf.get('port')}/`)


 });

已尝试清除缓存,清除Windows ssl缓存重新启动所有内容,并续订证书,: )

答案1:

您需要包含两个主机名都为SAN的证书,或第二个主机的有效证书。


BASE  bro  浏览  CHR  chrome  browsers