Question
SSLLabs is a third-party site that connects to a domain using SSL and returns information regarding SSL health. It does so by running some tests on the site. This guide is for informational purposes.
When using an SSL certification issued by AutoSSL, you may get a warning from "Certificate #2" showing a mismatch.
Why is SSLLabs "Certificate #2: RSA 2048 bits (SHA256withRSA) No SNI" test showing an error?
Answer
The SSLLabs server test runs two separate trials.
To run the test, visit https://www.ssllabs.com/ssltest in a browser, and enter your domain name in the "Hostname" section. Hit the "Submit" button.
This issue is in regard to SNI. SNI stands for Server Name Identification and it's the functionality that allows multiple SSL's to be installed on a single IP. Previously you could only have one SSL per IP address in cPanel before we enabled support for SNI.
The first test is for SNI. This test should return and show the SSL cert is valid.
The second test does not use SNI. This test will fail. WHM & cPanel uses SNI as the server hostname for multiple sites on a shared IP address.
Modern browsers can understand the difference and will ignore the non-SNI response. However, some older browsers will acknowledge the response.
Further on the SSLLabs server test result page, there is a section called 'Handshake Simulator'. The results are from different protocols that come from a variety of browsers. You may find your browser on this list showing 'Failure'.
To avoid this issue, we would recommend updating the browser to the latest version to get the correct response.