![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 89%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EIS%3C/text%3E%3C/svg%3E)
Azure Kubernetes Service
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
2,447 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 4%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKM%3C/text%3E%3C/svg%3E)
Hello, @Issam Sisbane !
Why is NGINX giving me a fake certificate error?
There are 3 conditions that need to be met for NGINX to show the correct certificate. If any of the conditions are not met, then you will see the fake certificate issue you are describing:
- The CN (Common Name) field (or at least one of the SANs/Subject Alternative Names) in the certificate.
- The host field in the ingress rule.
- The host used by the client to make the request.
If one of these does not match, then the client will be presented with a fake certificate.
The first suggestion would be to confirm which hostname/FQDN is being invoked by the client in this case. Is it the same one that is used when accessing using the browser?