SSL on IIS8.5 - Working with named URL, but localhost results in ERR_CERT_COMMON_NAME_INVALID
I have IIS8.5 running on Win Server 2K12 R2. I have a valid SSL certificate registered to server's name foo.domain.com
:
I have configured my website's bindings to use https with this certificate:
I am able to talk successfully to the website when talking to https://foo.domain.com
, but I am unable to talk successfully when using https://localhost.com
or https://127.0.0.1
:
What do I need to do to be able to communicate successfully over localhost?
I have tried:
- Creating a self-signed certificate and attempted to use that, but I can't use two certificates for the same website. Using a self-signed for localhost disables my ability to communicate via
foo.domain.com
I have not:
- Tried to apply intermediate COMODO certificates manually through
mmc.exe certmgr.msc
. Since my current setup is working externally, I do not believe this is the issue. - Modified hosts file to redirect localhost to
foo.domain.com
Solution 1:
Your SSL cert is only valid for the exact FQDN by which the addressee access the website. The subject of the SSL certificate, and the server FQDN in the URL address bar must match. E.g., it is valid only for foo.domain.com
, not foo
, not localhost
, not 127.0.0.1
. This is by design. This is how SSL certificates work.
No self-respecting Certificate Authority will ever issue an SSL certificate for "localhost", because there are a theoretically infinite number of "localhosts" with no way of actually verifying their identity.