Getting SSL error while connecting to second-level subdomain using AWS load balancer

Time:09-24

I am using an AWS load balancer to listen on dev.example.com and api.dev.example.com. I have added Amazon-managed certificates in the listener for both subdomains. I can connect to dev.example.com successfully, but for api.dev.example.com I am getting an SSL error. I am using the AWS default security policy (ELBSecurityPolicy-2016-08). I ran sslscan against the api.dev subdomain and got the following output:

  TLS Fallback SCSV:
Connection failed - unable to determine TLS Fallback SCSV support

  TLS renegotiation:
Session renegotiation not supported

  TLS Compression:
OpenSSL version does not support compression
Rebuild with zlib1g-dev package for zlib support

  Heartbleed:

  Supported Server Cipher(s):
    Unable to parse certificate
    Unable to parse certificate
    Unable to parse certificate
    Unable to parse certificate
Certificate information cannot be retrieved.

Why is sslscan failing for the api.dev subdomain while it succeeds for the dev subdomain? How can I resolve this?

CodePudding user response:

Second-level subdomains have to be listed in the SSL certificate. If you have a *.example.com wildcard certificate, the wildcard is only valid for one level. You would also need to add wildcards for the other levels, like *.dev.example.com.

This is not a limitation of AWS, it is a limitation of SSL certificates.
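To make the one-level wildcard rule from the answer concrete, here is an added example (not code from the question or the answer, and not part of the page) that implements the RFC 6125 hostname-matching rule that browsers and TLS clients apply, and a small helper that connects to a host with SNI and lists the DNS SANs the server actually presented, so you can see which names the listener's certificate really covers. The SAN list `CERT_SANS` is constructed for illustration; the function names are my own.

```python
import socket
import ssl


def wildcard_matches(pattern: str, hostname: str) -> bool:
    """Return True if a certificate DNS name (possibly a wildcard) covers hostname.

    Implements the RFC 6125 rule TLS clients apply: '*' is only accepted as the
    entire left-most label, it matches exactly one label, and it never matches a
    dot. So '*.example.com' covers 'dev.example.com' but not
    'api.dev.example.com' and not the bare 'example.com'.
    """
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    # The wildcard must be the whole left-most label, and patterns like
    # '*' or '*.com' are rejected (at least two fixed labels must follow).
    if p_labels[0] != "*" or len(p_labels) < 3:
        return False
    # '*' consumes exactly one label, so label counts must be identical.
    if len(p_labels) != len(h_labels) or h_labels[0] == "":
        return False
    return p_labels[1:] == h_labels[1:]


def covering_name(san_names, hostname: str):
    """Return the first SAN entry that covers hostname, or None if none does."""
    for name in san_names:
        if wildcard_matches(name, hostname):
            return name
    return None


def san_dns_names_from_server(host: str, port: int = 443, timeout: float = 5.0):
    """Connect with SNI set to host and return the DNS SANs the server presented.

    The chain is still verified, but hostname checking is disabled on purpose so
    the certificate is returned even when the name does not match; that lets you
    inspect exactly which names the listener's certificate carries.
    """
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_REQUIRED
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            cert = tls.getpeercert()
    return [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]


# Constructed SAN list modelled on the question: one wildcard level under example.com.
CERT_SANS = ["example.com", "*.example.com"]


if __name__ == "__main__":
    for host in ("dev.example.com", "api.dev.example.com"):
        print(f"{host} -> covered by {covering_name(CERT_SANS, host)}")
    # Live check against a real listener (network required), e.g.:
    # print(san_dns_names_from_server("api.dev.example.com"))
```

Running the offline part shows `dev.example.com` matched by `*.example.com` and `api.dev.example.com` matched by nothing, which is the mismatch the client reports. Pointing `san_dns_names_from_server` at the load balancer confirms which certificate the listener serves for a given SNI name; if `*.dev.example.com` (or the exact name) is absent from the list, the fix is on the certificate side, as the answer says.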
