Question
Digital Ocean SSL certificate is invalid for origin or edge or custom Spaces endpoint URLs
It is impossible to get a working SSL with Spaces.
Origin URL:
When creating a new Spaces on Digital Ocean and going to the given origin URL, both Firefox and Chrome warn that the SSL certificate is invalid.
The given error is:
This server could not prove that it is subdomain.domain.tld.ams3.digitaloceanspaces.com; its security certificate is from *.ams3.digitaloceanspaces.com. This may be caused by a misconfiguration or an attacker intercepting your connection.
Edge URL
When enabling the CDN, and going to the given edge URL, another error is given (still, both Firefox and Chrome):
This server could not prove that it is subdomain.domain.tld.ams3.cdn.digitaloceanspaces.com; its security certificate is from *.ssl.hwcdn.net. This may be caused by a misconfiguration or an attacker intercepting your connection.
Custom URL
Finally, by using an automatic DO Let’s Encrypt certificate, and going to our custom URL subdomain.domain.tld, the same error arises:
This server could not prove that it is subdomain.domain.tld; its security certificate is from *.ams3.digitaloceanspaces.com. This may be caused by a misconfiguration or an attacker intercepting your connection.
What is weird is that the first error is contradictory - the given wildcard certificate should be just fine for our origin URL. We are on FRA1 region, and working with a .cloud TLD.
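The three browser errors quoted above all come from matching the requested hostname against the DNS names in the certificate. The following is an added example, not part of the original post and not DigitalOcean's code: a simplified matcher following the RFC 6125 rule that "*" stands for exactly one left-most label, run over the hostnames and certificate names quoted in the question. The dot-free bucket name "mybucket" is constructed for contrast.

```python
# Added example: simplified RFC 6125-style hostname matching.
# Hostnames and certificate names are the ones quoted in the question;
# "mybucket" is a constructed, dot-free bucket name used for contrast.

def name_matches(hostname: str, pattern: str) -> bool:
    """True if the certificate DNS name `pattern` covers `hostname`.

    "*" is honoured only as the whole left-most label and stands for
    exactly one label, so it never spans a dot.
    """
    host = hostname.lower().rstrip(".").split(".")
    pat = pattern.lower().rstrip(".").split(".")
    if len(host) != len(pat):
        return False
    if pat[0] == "*":
        return host[0] != "" and host[1:] == pat[1:]
    return host == pat


def diagnose(hostname: str, cert_names: list[str]) -> tuple[str, int]:
    """Return (status, labels_in_front_of_wildcard_suffix)."""
    host = hostname.lower().rstrip(".")
    if any(name_matches(host, n) for n in cert_names):
        return ("match", 1)
    for name in cert_names:
        suffix = name.lower()[1:]          # "*.a.b" -> ".a.b"
        if name.startswith("*.") and host.endswith(suffix):
            # Right parent domain, but more than one label precedes it.
            return ("wildcard-covers-one-label", host[: -len(suffix)].count(".") + 1)
    return ("certificate-for-another-name", 0)


CASES = [  # (requested hostname, DNS name the server presented)
    ("subdomain.domain.tld.ams3.digitaloceanspaces.com", "*.ams3.digitaloceanspaces.com"),
    ("subdomain.domain.tld.ams3.cdn.digitaloceanspaces.com", "*.ssl.hwcdn.net"),
    ("subdomain.domain.tld", "*.ams3.digitaloceanspaces.com"),
    ("mybucket.ams3.digitaloceanspaces.com", "*.ams3.digitaloceanspaces.com"),
]

if __name__ == "__main__":
    for host, cert in CASES:
        print(f"{host:55} vs {cert:32} -> {diagnose(host, [cert])}")
```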
I have this problem too. Thankfully the subdomain CDN works, but geez, if we can’t use "." in the bucket name, DON’T LET US CREATE A SPACE WITH THAT NAME! :facepalm: