5 months ago
Hello!
I'm having issues linking my services to a custom domain from GoDaddy.
When I want to enter to them from any browser I have this warning screen (or some similar warning):
> The connection is not private
> An attacker may be trying to steal your information from (e.g. passwords, messages, or credit cards). Learn more about this warning
> net::ERRCERTCOMMONNAMEINVALID
> Enable enhanced protection for the highest level of Chrome security
>
> This server could not prove that its domain is ; the security certificate comes from *.up.railway.app. This may be due to an incorrect configuration or an attacker intercepting the connection.
It also can appear this message:
> often uses encryption to protect information. When Brave attempted to connect to , the website returned incorrect and unusual credentials. It is possible that an attacker wants to impersonate app.prhive.co or that a Wi-Fi login screen interrupted the connection. Your information remains secure because Brave stopped the connection to prevent data exchange.
>
> You cannot visit now because the website uses HSTS. Network attacks and errors are usually temporary, so it is possible that this page will work later.
Maybe there is a mistake in my domain's DNS configuration (the domain doesn't have a certificate by GoDaddy's side). For more context I bought another domain without certificate from Namesilo, I linked it with subdomains to the same services and they worked well, without these issues.
Thank you in advance.
0 Replies
5 months ago
what environment?
5 months ago
there are no deployments in production?
Dumb question: Maybe your browser cache has an older version of this certificate from a different service if you're reusing it?
Other thoughts are to check ntp and the cert's expiry date
I don't think so, I've tried it from browsers in different devices and I'm having the same result
@echohack I'm not reusing the services, I meant to say that I've made these tests in other environment in the same project with the same services (the structure and the deploys)
Debugging SSL is a bear and a half but I might reach for openssl in this case. Try
openssl s_client -connect [[manatide-app-production.up.railway.app](manatide-app-production.up.railway.app):443]([manatide-app-production.up.railway.app](manatide-app-production.up.railway.app):443) -servername [manatide-app-production.up.railway.app](manatide-app-production.up.railway.app) (This is my nuxt/typescript app, replace with your public domain)
oh, is your CN greater than 64 characters by chance? I forgot about that one
5 months ago
I'm fairly certain we will not serve a cert unless you have an active deployment
@Brody @echohack I made a deploy and created the DNS records again and it worked well. Thanks a lot for your help! 😄 👍
5 months ago
awsome!
5 months ago
!s
Status changed to Solved brody • 5 months ago