Strange Certificate Issue

Discussion in '3CX Phone System - General' started by wsh, Dec 13, 2017.

Thread Status:
Not open for further replies.
  1. wsh

    wsh

    Joined:
    Mar 5, 2012
    Messages:
    6
    Likes Received:
    1
    When I try to go to several installed systems using a 3CX supplied domain name (ie ??.south.3cx.us) I get the following error - NET::ERR_CERT_COMMON_NAME_INVALID. When I expand the details of the error all of these sites are resolving to the name of another 3CX that is working fine. Basically, it appears as if the same cert site1.south.3cx.us is installed on all 4 sites (site2.south.3cx.us, etc.). If I ping the DNS of each of these they are resolving to the proper public IP's. I have cleared my browser cache etc, but this isn't the issue as it does this on ANY computer.

    Any help is greatly appreciated.
     
  2. NickD_3CX

    NickD_3CX Support Team
    Staff Member 3CX Support

    Joined:
    Jun 2, 2014
    Messages:
    1,344
    Likes Received:
    78
    I have such a headache a few weeks ago as well, so I resulted in doing 2 things that worked for me:
    • Open the Windows 'hosts' file and remove any entries there that might be for those FQDNs (nslookup does not look at this file)
    • In your browser, remove all certificates you may have added manually (or use a browser you never used before)
     
  3. wsh

    wsh

    Joined:
    Mar 5, 2012
    Messages:
    6
    Likes Received:
    1
    Nothing in my hosts file.

    I have cleared my cache, but also as I said it does this on ANY pc. Even ones that have never gone to the systems at all.

    Just to clarify

    Go to site1.south.3cx.us - works fine
    Go to site2.south.3cx.us - Get the NET::ERR_CERT_COMMON_NAME_INVALID error. If you click on the error in Chrome it shows that it is site1's certificate??

    If you PM me I don't mind providing the actual domain names so you can see for yourself.
     
  4. NickD_3CX

    NickD_3CX Support Team
    Staff Member 3CX Support

    Joined:
    Jun 2, 2014
    Messages:
    1,344
    Likes Received:
    78
    I checked the FQDNs you sent me in the PM and they seem to work fine (check PM response). Is it possible that there is an issue with the DNS at the location you are accessing from? In the PM I sent you I also sent screenshots of the certificates and IPs everything resolves to.

    Try nslookup AND ping to each of the non-working FQDNs and check that the resolving IP is the same.
     
Thread Status:
Not open for further replies.