Error [ERR_TLS_CERT_ALTNAME_INVALID]: Hostname/IP does not match certificate's altnames error when sending request from frontend to the server

Question

Every time I try to send request from my frontend to the server, I am getting `Error [ERR_TLS_CERT_ALTNAME_INVALID]: Hostname/IP does not match certificate's altnames` error where hostname:  and certifcate's altnames:  and I can't seem to figure out what's causing this error.

Here is how my application is set up
- frontend next.js app deployed on Vercel
- domain is from Squarespace but it is using Route 53's custom Nameservers
- Route 53 configured as domain service, connected to Vercel via CNAME and A record
- ALB with certificate from ACM for my domain (example.com and *.example.com) attached and have listener on HTTPS:443 forwarding traffic to the target group
- ECS running behind ALB

I think I am missing something very simple but I cannot figure out what it is. I would appreciate any help on this. Thank you!

Answer

There might be an incorrect DNS record causing your frontend to resolve the ALB DNS name to something that doesn't match the certificate and Your ALB might be configured to serve the wrong certificate, or misconfigured in the way it handles the traffic from your frontend.

As a solution

From the machine where your frontend runs (or if it's a web app, from your browser's developer tools), use nslookup  to verify that it resolves to the expected ALB address.
In the AWS console, navigate to your ALB and its HTTPS:443 listener. Double-check that the certificate selected is the correct one for "example.com" and "*.example.com".

Error [ERR_TLS_CERT_ALTNAME_INVALID]: Hostname/IP does not match certificate's altnames error when sending request from frontend to the server

관련 콘텐츠