Qualys SSL Server Test - Certificate #2

When testing my website, a second certificate (Certificate #2) shows up in the test report:

Certificate #2: RSA 2048 bits (SHA256withRSA) / No SNI

Alternative names: *.netlify.com netlify.com / MISMATCH

Trusted: No / NOT TRUSTED / Mozilla Apple Android Java Windows

What does this mean? Is there a reason for concern?

Hi there @tmoberg, can you share the URL that you tested? Without that we can’t really debug. Thanks!

Sorry, I forgot that. Here it is:


I think it’s for the Netlify subdomain that is given by default. (XXX.netlify.com)

Yup, @ylemkimon, the default certificate does cover the default netlify subdomains.