cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SSL redirect working on Chrome but not Safari or Firefox

Forgive me for creating a new post, but I could not find a solution in the other threads. I added a standard UCC SSL to five websites I host this week. The main website is not showing up as secure in Chrome, but it is in Explorer. The other four are showing up as secure in Chrome, but in Explorer they are getting the following error:

This site isn’t secure

The hostname in the website’s security certificate differs from the website you are trying to visit.

Error Code: DLG_FLAGS_SEC_CERT_CN_INVALID

In Firefox they are getting the error:

Your connection is not secure. The owner of (my website) has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

And in Safari:

This connection is not private. This website may be impersonating (fill in my website url) to steal your personal or financial information.

SSLshopper shows no errors. I have tried editing my .htacccess file. I have tried setting up SSL redirect in Godaddy. Any other ideas? Could it be because the four domains are subdomains on my main hosting site? Here is the .htaccess code I am using, with "sample" replaced with my URL:

RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$

RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$

RewriteEngine On

RewriteCond %{HTTP_HOST} ^sample.com [OR]

RewriteCond %{HTTP_HOST} ^www.sample.com$

RewriteCond %{SERVER_PORT} 80

RewriteRule ^(.*)$ https://www.sample.com/$1 [R=301,L]

Any help is appreciated!

1 REPLY 1
Highlighted

Re: SSL redirect working on Chrome but not Safari or Firefox

I am having a similar issue. I have spoken with 6 techs, one of which is senior level, and they say my force non-www script should be working, but it isn't. It works with Chrome and Opera, but doesn't work with Firefox and, worst of all, Safari. iPhones that put the www. prefix before the domain name will see the "This website may be impersonating "www.domainname.com" to steal your personal or financial information. You should close this page." warning! I would rather they see an insecure warning than this. It was never explained to me when I bought my first 5 pack. Now I have a 15 pack UCC before I realized the problem. What do I tell my clients who thought they were paying for an SSL? No one has taken any responsibility for this issue yet, either. Would you sell someone one roller skate and tell them to enjoy roller skating and smile like everything is great? If there was a fix to the problem with Safari, I would be thrilled with this product, so is there anyone who has an answer that works on all browser platforms?