Why does IE think that my certificate is invalid?

nginx https ssl internet-explorer tls

I have my chained certificate from Dreamhost set up and working for all browsers. I have 2 sites with 2 certs from dreamhost, example.com and sub.example.com.

All browsers are fine with the certs on both sites, except IE6, 7, and 8 (on XP, haven't tried other OSes). IE is fine with example.com, but it thinks that sub.example.com is trying to use the example.com cert.

Looking at the fingerprints in Firefox 3, Firefox is using the right cert for each domain. Looking at the fingerprints in IE, it's using the example.com cert and not the sub.example.com cert. (this part is really weird to me -- IE is going out of its way to go up a domain level and get the wrong cert?)

I'm using nginx.

Let me know if you'd like any more info. Thanks!


Solution 1:

Just figured this out -- I forgot to give the subdomain its own IP address.

More info:

http://nginx.org/en/docs/http/configuring_https_servers.html#sni

http://en.wikipedia.org/wiki/Server_Name_Indication

Related

Why is there a 10 second delay when printing on Ubuntu Server 10.04?
Routing to various node.js servers on same machine
ssh connection slow when using @hostname.com, but not when using @ipaddress
RTNETLINK answers: Invalid argument
Forward all ports incoming to a specific IP to internal IP address
SQL Server suddenly using only a small portion of CPU
Postfix installation error on Ubuntu
Blocking a country (mass iP Ranges), best practice for the actual block
is there a way to see only the Message Queuing section of Computer Management?
HTTP Error 500.19 - Internal Server Error in Windows 7 IIS
htaccess vrs httpd.conf?
Somebody eating all our bandwidth, what should I do?