On 1 October 2013 11:51, Matthieu Boret <mbore...@gmail.com> wrote:
> Hi,
> I've setup Haproxy 1.5 dev 19 to handle my http and https traffic.
> All works fine except when I request the root url in https:
> https://mydomain.com
> My certificate is a wildcard *.mydomain.com

This happens because your wildcard does *not* match your
root/naked/apex/etc domain.

In other words, even though it looks like it might, strictly speaking
a request for "foo.com" is not matched by *.foo.com, so the browser
rejects the cert.

This is a problem commonly experienced when people purchase wildcard
certs from a vendor who hasn't added the root domain to the cert in
the SaN field.

> What is the solution to remove this error?

The solution is to use a correctly set up cert. You need to talk to
your cert provider. They may charge you extra for this.

> An url rewrite and add www?

As David said, there is nothing that HAProxy can do to help here.

Jonathan Matthews
Oxford, London, UK

Reply via email to