21

Any clue for this?

Comments
  • 4
    Look at alternative names. This certificate is valid for a bunch of domains
  • 1
    @YouAreAPIRate wow that's a lot... 😨 And completely unrelated...
    Is it the right thing to do?
  • 2
    Go into the details tab. And then look for "Alternative Names" or DNS-Names.
    This certificate is valid for multiple domains.
  • 1
    If all those domains are hosted on the same server this should be ok. But i dont have experience with this. All i know is that several hosting providers use letsencrypt, and putting all domains in one cert might make it easier for them
  • 0
    @sigfried @YouAreAPIRate
    Some of these are crypto and Russian websites, which don't seems legit.
    Are all the websites using the same private key?
  • 0
    @sunfishcc yes, same certificate and thus same private key.
  • 2
    @sunfishcc im too lazy ^^". Visit some of these sites and compare the certificate fingerprint. Check the ip-addresses of the sites next. If they all are the same (or they all are in a /24-segment) they are hosted by the same provider
  • 0
    Whats wrong?
    They owned that domain
  • 0
    @zokazavevu read the comments. Op was confused because the CN did not match the url. But we found the url's domain in the "additional domains" field of the certificate
  • 1
    Most modern browsers won't even care what the certificate CN is. It is a convention now to make it the domain name.
    What matters is your SAN (Subject Alt Name). A DNS.x refers to a domain, and an IP.x (not usually issued) refers to an IP address.

    You can configure this while generating the CSR.
  • 0
    @sunfishcc because whenever a website is Russian it can't be legit, right? 😟
  • 1
    @mzeffect not really. The mean reason makes me alert is this site supposed to be in US. I'm in NZ, and that crypo mining site also uses NZ domain.
Add Comment