After readin "Living with HTTPS" I decided to switch my private site over to HTTPS only. I got a free certificate from StartCom, installed it, tweaked my vhost a bit, restart apache, and all seemed well at first.
Visiting the site normally, all attempts at reaching the site redirect to the https-version, and both Firefox and Chromium happily agree that the connection is secure. (Although Konqueror seems to refuse StartCom as trustworthy). When I check the
However, when I go to SSL Labs to test the domain, then I immediately get
"Common names localhost
localhost? Ok, after some digging, my apache setup has a default, self-signed certificate with the common name "localhost". However, I can't seem to figure out how SSL Labs "finds" it. No attempt from me connecting with a regular browser can produce this problem, which makes it very hard for me to diagnose and do something about it.
I read "Two common names results in mismatch?". I thought that my certificate had both CN=www.example.com and CN=example.com, but on closer inspection it seems like I only have CN=www.example.com, so I changed my vhost setup from responding to example.com, to www.example.com.
However, this doesn't help with SSL Labs, although Firefox and Chromium happily accept the update.