apache2 server running ruby on rails application has go daddy cert that works in chrome/firefox and ie 9 but not ie 8
- by ryan
I have a rails application up on a linode ubuntu 11 server, running apache2. I have a cert purchased from godaddy, (where we also bought our domain) and the cert is installed on my server.
Part of my virtual host file:
ServerName my_site.com
ServerAlias www.my_site.com
SSLEngine On
SSLCertificateFile /path/my_site.com.crt
SSLCertificateKeyFile /path/my_site.com.key
SSLCertificateChainFile /path/gd_bundle.crt
The cert works fine in Chrome, FireFox and IE 9+ but in IE 8- I get this error:
There is a problem with this website's security certificate.
The security certificate presented by this website was
issued for a different website's address.
I'm hosting multiple rails apps on this same server (4 right now plus some old php sites that don't need ssl).
I have tried googling every possible combination of the error/situation that I could think of but at this point I'm shooting in the dark. The closest I could come up with is that some versions if IE don't support SNI. But that doesn't apply here because I am getting the warning on windows 7 machines running IE 8, and the SNI only seemed to apply to IE 8 if the operating system was windows XP.
So why is this cert being accepted by all browsers but giving me a warning in IE 8?
Edit:
So doing a little more digging and I figured out some more. It turns out this is effecting IE 9 as well. However the problem seems to be that IE is not traversing the ssl chain to get to the right cert. FireFox and Chrome when I go to view certificate show the correct one, but IE is showing one of our other sites certificates.
REAL QUESTION HERE:
That being the case why is IE not getting the right certificate when others are and how do I fix it?
