Home
Support Forums

HSTS issue - Common name mismatch

Issue’s been resolved. I’m just giving you lads a heads-up. May need review.

What happened?
Browser warned me about the name on the certificate (“11evens.com”) not matching my domain name (robhutters.com.

Solution
The certificate was still valid for another 2 months, but I forced a reissue by removing an alias. That seems to have solved the issue. The default sub-domain however pensive-minsky-a873a6.netlify.app still doesn’t work.

I’m kinda freaked out by this because I don’t understand how this could even happen. Did someone try something nefarious? Doubtful, but still. Don’t know if this issue warrants a brief investigation in your eyes; I just wanted you guys to know that this happened today.

Hi there, @robhutters :wave:

Thank you so much for reporting this to us. I have gone ahead and shared this with the appropriate team. We will follow up on this thread.

Regarding your sub-domain that is not working, how long has this been the case? Was it working before?

Hey @robhutters,
It’s possible that the default subdomain doesn’t work because of your content security policy headers- could you add https://*.netlify.app in addition to https://*.netlify.com and see if that helps?

2 Likes

Hi, @hillary and @jen :wave:

Regarding your sub-domain that is not working, how long has this been the case? Was it working before?

Can’t say, but I solved it with @jen 's help.

Context

I use a static site generator (Hugo) to run a multilingual blog. Hugo outputs two folders, /en and /nl, to the public folder; two redirect directives ensure that Netlify points to the appropriate index.html given a domain name.

[[redirects]]
  from = "https://robhutters.com/*"
  to = "/en/:splat"
  status = 200
  force = false
[[redirects]]
  from = "https://robhutters.nl/*"
  to = "/nl/:splat"
  status = 200
  force = false

This is why the default sub-domain showed a “Page not found” message.

Solution

Add a default redirect rule to the netlify.toml file.

[[redirects]]
  from = "https://robhutters.nl/*"
  to = "/nl/:splat"
  status = 200
  force = false
[[redirects]]
  from = "/*"
  to = "/en/:splat"
  status = 200
  force = false

To anyone trying to solve the same issue, note that the order is important.

This solves the “page not found” issue for the default sub-domain. Maybe there’s still some room for improvement here because setting up redirects like this comes at a, albeit tiny, performance cost to the .com domain visitors.

It’s possible that the default subdomain doesn’t work because of your content security policy headers- could you add https://*.netlify.app in addition to https://*.netlify.com and see if that helps?

StackOverflow pointed me in the right direction thanks to @jen 's solid suggestion.

From SO:

CSPs only apply to resources that create a new execution context (i.e., a Web page)

In my case no files could be found at all, not even the index document, which meant that no new execution context was created and could therefore conclude that the CSP header wasn’t causing the “page not found” issue. This led me to investigate the redirect directive.

2 Likes

hey there, @robhutters :wave:

Thank you so much for coming back and sharing these details in your comprehensive write-up. This will definitely be helpful for future Forums members who encounter something similar! We are glad everything is working now :slight_smile:

1 Like