View All Products
Compute
Storage
Networking
Databases
Services
Developer Tools
Industries
Pricing
Community
Engage With Us
Community Questions Object Storage Custom Certificate - Blocked by SSL_HOST_MISMATCH
Log in to Ask a Question

Object Storage Custom Certificate - Blocked by SSL_HOST_MISMATCH

domain object-storage

Hello,

I want to set up a custom certificate for my bucket. I have followed the guide.

However, I am receiving an error in the browser:

MismatchCert (Hostname mismatch) Blocked by SSL_HOST_MISMATCH
The destination bucket.mydomain.dev is not reachable.
Contact your IT administrator with the following error:
Hostname 'bucket.mydomain.dev' didn't match certificate info, issuer='/C=US/O=Let's Encrypt/CN=R3', subject='/CN=eu-central-1.linodeobjects.com', notbefore='Feb 18 20:07:44 2021 GMT', notafter='May 19 20:07:44 2021 GMT', serial='0437AF7A76264B6EE054A68AD7CA4CB54FB1', altnames='DNS:*.eu-central-1.linodeobjects.com, DNS:*.website-eu-central-1.linodeobjects.com, DNS:eu-central-1.linodeobjects.com, DNS:website-eu-central-1.linodeobjects.com'

I have created the certificate with certbot from one linode for my domain `mydomain.dev. 

 certbot certonly --dns-linode --dns-linode-credentials ~/.secrets/certbot/linode.ini -d mydomain.dev -d *.mydomain.dev

Afterwards I have changed the dns records to CNAME

CNAME Record

Hostname Aliases to TTL
bucket mydomain.dev.website-eu-central-1.linodeobjects.com Default
www mydomain.dev.website-eu-central-1.linodeobjects.com Default

I have also updated the bucket configuration

linode-cli obj ws-create --cluster eu-central-1 --ws-index index.html --ws-error 404.html  mydomain.dev

2 Replies

Linode Staff

In the CNAME record under Aliases to, you would need to include the full domain name, including the subdomain. For example, the record with hostname value bucket, you would want the following:

bucket.mydomain.dev.website-eu-central-1.linodeobjects.com

Same goes for www:

www.mydomain.dev.website-eu-central-1.linodeobjects.com

Hi cmdfarland,

Thanks for the reply. This is kind of correct.

  1. the bucket must be named like the subdomain and domain together. In this example
bucket.mydomain.dev

`

  1. the cname must alias the full domain
Hostname Aliases to TTL
bucket bucket.mydomain.dev.website-eu-central-1.linodeobjects.com Default

```

It is also worth noting that CNAME records don't work for the root domain name. So a subdomain has to be used.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct