Https SSL cert name mismatch warning – “The security certificate presented by this website was issued for a different website’s address.”

Recently I was working on one project and encountered an Interesting issue related to SSO server’s SSL Cert where it was complaining about being used for a domain name other than it was registered for.

During investigation it was revealed that there are two domain names are configured with same IP. Cert was generated with alias name, hence it was complaining when we call the primary URL which was not listed in that cert.

What that meant is, let say – you have a self-signed cert for local domain “localhost” but you trying to use it for “test.nits.com” as well and both pointing to same IP address for example “127.0.0.1”.

When we trying to call localhost it works fine, as cert have it listed.

When we trying to use other local domain, it giving warning

So what is the problem here with SSO call, as this is just a warning ?

So when we try to call this HTTPS domain where name is mismatching in cert, Async call from project is getting rejected with below error, saying certificate is invalid as per validation procedures.

System.Net.Http.HttpRequestException
Continue reading “Https SSL cert name mismatch warning – “The security certificate presented by this website was issued for a different website’s address.””