Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
TLS errors can be obnoxious because OSI Transport layer's can cause issues. In any case, when you get the certificate error what do you see in Google Chrome?
Diagnosing the Cert Misbehavior
1. Open Chrome Browser
2. Hit F12 to open the Developer console
3. Click "Network"
4. Visit the site url where it whines about the cert and click straight through.
5. In the Developer Console, click "Security". It's at the end of the bar, so you might have to use the dropdown.
6. Click the "View certificate" button
7. This should give you a clue about your cert error. In this test case, the url is "http://qliksense", but the certificate was issued to "qliksense.somecompany.net" and browsers won't like that one bit.
Rafael Matamoros <span class="icon-status-icon icon-partner" title="Partner"></span> wrote:
...
But my question is, if i put the different ip's in the white hosts list, the certificate is not valid for every url? I don't have knowledge about certificates.
I need to create a new certificate for every different ip? Exists a procedure to create these certificates in sense or I need external tools? I read in other post if i restart the proxy service, the certificates in sense are regenerated and same happens if we delete them. Maybe i'm wrong.
No, certificates are valid for the DNS names specified in the certificate*:
Most browsers have developer tools (commonly accessed by F12) and allow drill down into the certificate specifications for a given site.
* There has been a recent push by browsers to validate based on the DNS Name param rather than the previously used common name: https://www.thesslstore.com/blog/security-changes-in-chrome-58/
Back to your original scenario, are you closing the browser before alternating HTTP vs. HTTPS? Chrome for one certainly does not like getting a cookie issued from a HTTPS site then going to the HTTP variant, I've found.
Hope that helps.