Secure Connection Failed
An error occurred during a connection to domain.com. PR_END_OF_FILE_ERROR
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the web site owners to inform them of this problem.
我仅在根域中收到此错误。我的子域运行良好。我的 ssl 证书适用于 *.domain.com
,我尝试使用 domain.com
ssl 证书,但这使我在子域和根域上的连接不安全。
重新加载 3 次后,网站会在 Brave 和 Chrome 浏览器上加载。最初的 2 次点击给出了相同的错误。这在 Firefox 上给出了一致的错误。
最佳答案
如果您阅读 AWS ACM 的文档(您可能会将其与 AWS 负载均衡器一起使用),您会发现以下内容:
When you request a wild-card certificate, the asterisk (*) must be in the leftmost position of the domain name and can protect only one subdomain level. For example, *.example.com can protect login.example.com, and test.example.com, but it cannot protect test.login.example.com. Also note that *.example.com protects only the subdomains of example.com, it does not protect the bare or apex domain (example.com). To protect both, see the next step.
因此,在这种情况下,您可以保护 *.domain.com
但 domain.com
不是此通配符的一部分,这就是为什么您会看到错误。要解决此问题,您需要创建一个同时包含 *.domain.com
和 domain.com
的证书,以便可以为来自子域和顶级域的 HTTPS 流量提供服务.
有关如何执行此操作的更多信息可以在本文档中找到: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html
具体来说这一部分:
- To add another name, choose Add another name to this certificate and type the name in the text box. This is useful for protecting both a bare or apex domain (such as example.com) and its subdomains such as *.example.com).
关于amazon-web-services - 使用带有 aws 负载均衡器的路由 53 的顶级域的 SSL 验证失败,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/72609881/