|We have noticed that the host name of your site does not match any of the "Names" in your SSL.....||Herb Hoffman||4/30/14 1:57 PM|
My URL is:
and got this notice. We have noticed that the host name of your site does not match any of the "Names" in your SSL.
I called 1shoppingcart.com and they say they use a shared SSL certificate and it is not coming from them.
I am concerned that if I ignore this email that people will not be able to access my site.
Where do I go; who is responsible and how do I resolve this issue?
|Re: We have noticed that the host name of your site does not match any of the "Names" in your SSL.....||Kim Tremblay||4/30/14 2:07 PM|
Just to let you know, I am in Canada and opened without any problem.
|Re: We have noticed that the host name of your site does not match any of the "Names" in your SSL.....||Gaieus||4/30/14 3:10 PM|
This happens when one wants to access your site under the https protocol: https://www.theallergykit.com/
The solution would be to 301 redirect your https version to http. Please, read:
|Re: We have noticed that the host name of your site does not match any of the "Names" in your SSL.....||Makana Hut||4/30/14 3:15 PM|
I got the same message and have the same concerns. Not sure how to fix when I don't even have SSL
|S & P Potter||4/30/14 4:01 PM|
Hello - what is the difference between "http" and "https"? Our website was created under "http", but I believe when we asked Google to index our site, we typed "https" by mistake. Now we received the same message as above "We have noticed that the host name of your site, https://www.potterrenovations.com, does not match any of the "Subject Names" in your SSL certificate, which were:"
How do we correct this situation? Also why doesn't Webmaster have a contact phone so that we could speak to someone live to ask how to correct? Any help you can provide would be appreciated.
|Gaieus||4/30/14 4:42 PM|
Best would be to start your own topic to avouid confusion.
Anyway, https refers to "secure" connection which is supposed to be backed up with a certificate that may be missing thus alerting visitors. You should remove the https version of your site from WMT and add the simple http version. Then redirect https to http as per above.
As for phone support: you get as much direct support as much you pay for it. Not for webmasters tools but for AdWords for instance. You can imagine what a huge staff and cost it would be for Google with the millions of webmasters in the World?
|Reformation Lutheran||5/1/14 4:03 AM|
I received the same notice however I am not sure why because there is no need for the site to have an SSL certificate because it is not a secured site. HTTPS is for security so why is google sending a notification on a site that does not use the HTTPS protocol?
|S & P Potter||5/1/14 4:32 AM|
I think it is because I goofed when I typed the URL on google.com/addurl - I think I must have typed https, rather than http. I was dealing the night before with a secure site to clean up my laptop and noticed the "s" in their URL. Must have stayed with me when I typed this in - that's the only explanation I have.
I have gone back and typed in the correct URL with google.com/addurl. I've also double checked my site and the WMT and all have http. Not sure what else to do. If anyone has any idea's on how to let Google know that I made this "typo" only, would be grateful. I don't want to even attempt the 301 redirect as I only made a typo to Google and I would not want to complicate things further. Ideas?
|webado||5/1/14 4:47 AM|
Google is simply providing information about the server response for https access to your url. If it responds but the SSL cert does not match the domain, the warning tells you that.
All that this means is that the server has port 443 enabled so that https can be accessed on it. There is an SSL cert on the server but it is not for your specific site, hence the warnings you'd get when trying to access your domain's url using https.
Hosters typically install a self-signed SSL cert applicable to the server but not to any specific website on the server in order to facilitate certain backend functions that may require https (Cpanel, WHM, webmail, etc).
If your site does resolve via https (warning aside), then you can 301 redirect https to http on your site unless you prefer to get your own SSL cert so as to get rid of the browser warning.
If your https url does not resolve to your actual site (after accepting the warning), then you cannot do anything about it except ask the hoster if they can close port 443.
|Ideflex||5/1/14 6:33 AM|
I also received the same warning about a hosting/domain name purchased through Wordpress.com which supposedly shouldn't have this type of SSL issue - contacting the support of your site host wouldn't hurt but it would be interesting to know whether this is just another make-work project for us from Google... Anyone have any solutions or should we all just sit here, ignore it and hope for the best?
|JohnMu||5/1/14 7:03 AM|
Thanks for your feedback, everyone - and I'm sorry for the confusion this has caused. We'll see what we can do to improve this going forward.
As Webado mentioned (thanks!!), what has happened is that our crawlers have discovered URLs on your site that are being served with HTTPS by your server, but which are not using a correct certificate. This is a legitimate problem: if users were to use those URLs, then they would either see an error message in their browser, or have a false sense of security.
That said, it looks like we might be a bit too optimistic in sending out these messages. For example, if nobody ever uses the HTTPS URLs, then fixing the certificate might not be a priority on your side.
|Testmy toe||5/1/14 11:26 AM|
If I have never had an SSL and never setup anything myself to use https why would it be checking/finding it in the first place?
|Brendan T||5/1/14 12:12 PM|
I hope this means an end to this? It's pretty annoying to get 2 emails every day with no way to stop them. I think that counts as spam.... I'm sure you're on it, but I just wanted to reiterate the discontent on this one ;P
|Katya Smith||5/1/14 4:04 PM|
I have had my SSL for about 6 months now and never got these emails before yesterday so the excuse that it has something to do with being on the same server is a bit odd, also, I have 0 links on my non https sites to https so that is also void and I have not recently added my sites to any indexes. None of the answers on any of these topics is useful. I want to stop it from happening not just come up with a work around.
|webado||5/1/14 4:48 PM|
We cannot help you guys if you don't provide your urls.
|Michael Westbay||5/1/14 5:08 PM|
[W]hat has happened is that our crawlers have discovered URLs on your site that are being served with HTTPS by your server, but which are not using a correct certificate.
That suggests that there is a link in my site sending others to HTTPS. But to the best of my knowledge, all such links go to the correct subdomain that the certificate is signed for.
Now, if there are such links to HTTPS that do not go to the secure subdomain, I would surely like to know about them. That little bit of additional information, the origin of links leading to improperly secured pages, would be most helpful. I'm afraid that the current pushback to this notification may be that the message, as it, is not so helpful.
|Katya Smith||5/1/14 5:11 PM|
I don't understand why you would need our URL's I guess. One of my sites with the warning is street-fashion.net - has never had an SSL, has no secure links to itself on it, and by some insane coincidence all of my sites on the server got the warning at the same time (about 10 sites) so it clearly has nothing to do with my sites but some server wide issue or google issue.
|Katya Smith||5/1/14 5:11 PM|
it's probably godaddy's fault, like everything else that happens.
|(unknown)||5/1/14 5:18 PM||<This message has been deleted.>|
|webado||5/1/14 5:25 PM|
|Katya Smith||5/1/14 5:35 PM|
Why am I just now getting warnings about that after 6 months of having an SSL for the other site and why didn't godaddy do that for me when they issues me the SSL (or at least inform me)? Thanks.
|webado||5/1/14 5:45 PM|
I don't know why it took 6 months for you to be notified of that. But this is the situation now and you cannot deny it.
Did yo have all those sites on that same IP from the start?
As for Godaddy, I'm quite sure somewhere in the fine print it's mentioned that for the SSL to be valid, your site needs to be on a unique IP and no other sites should be on that IP.
In any case it's not up to the certificate issuer, rather the hoster to install an SSL cert properly. Ask them anyway since they seem to also be your hosters.
|Katya Smith||5/1/14 5:55 PM|
Strange and interesting..good for me then that the one with the SSL is the main domain on the hosting account I guess..hopefully I can actually get a different ip without paying for a new hosting plan. Or, maybe I can just ignore google's extraordinarily delayed reaction.
|webado||5/1/14 6:02 PM|
You could implement 301 redirections for all your other domains from https to http.
Do this for each add-on domain you have: https://sites.google.com/site/onlyvalidation/page/301-redirect-https-to-http-on-apache-server
|Craig Miller (Shopify)||5/2/14 8:19 AM|
This is causing an immense amount of confusion for 100,000 Shopify store owners. We provision an SSL certificate for their checkout process at checkout.shopify.com, but not for their own domain. So our customers are contacting us in droves asking why Google is telling them that their SSL certificate isn't valid. Can you please stop the messages?
|Makana Hut||5/2/14 9:46 AM|
|JohnMu||5/3/14 3:57 AM|
Thanks for all of your feedback on this! We decided to pause these messages when we saw that they were causing confusion, and we'll work on making them clearer & consider tweaking the criteria for them before restarting them.
In general, while I agree that it may not currently be practical for all sites to serve their content properly on HTTPS, I think it still makes sense for the hoster to make a clear decision: either serve content via HTTPS properly, or not serve content there at all. Serving content via HTTPS without a valid TLS/SSL certificate will result in users seeing scary browser warnings, and avoiding that probably makes sense even if only a handful of users see them.
At any rate, we'll be back, and we'll be watching out for your feedback in the meantime.
|(unknown)||5/5/14 9:48 AM||<This message has been deleted.>|
|(unknown)||5/5/14 9:51 AM||<This message has been deleted.>|