SSL Issue — "Your connection is not private" + HSTS Blocking

Help
1

Hello,

I am encountering an SSL issue with multiple projects deployed on the default .vercel.app domain.

Recently, when accessing my .vercel.app sites, I see the following error:

“Your connection is not private”

Additionally, because of the HSTS policy that was set when the project was functioning properly, I am now unable to bypass this error and access the sites at all.

Important points:

  • Projects with only the default .vercel.app domain are affected.
  • Projects where I have added a custom domain are working fine without any issues.
  • I have tried redeploying, clearing the browser cache, creating a new project — but the issue persists.

It seems there may be a problem with SSL certificate renewal for the default Vercel domains.

Could someone from the Vercel team please look into this?

Thank you so much for your help! :folded_hands:

2

Hello,

Which domain are you having issue with? Could you run this script and share us the output ? GitHub - vercel-support/vercel-connect-debug: A one line script to help debug connection issues to Vercel hosting

Do you have any antivirus software / browser extension / VPN or corporate proxy?

3

Hello,

Here is the information you requested:

  • Domain with issue: atmedia-nextjs.vercel.app

  • Debug file: I have attached the vercel-debug.txt file to this email.

Regarding your questions:

  • Antivirus Software: Yes, I am currently using AhnLab V3 Lite.

  • Browser Extensions: No significant extensions that would affect the connection.

  • VPN: No, I am not using a VPN.

  • Corporate Proxy: No, I am not behind any corporate proxy.

Please let me know if you need any more information.

Thank you very much for your support!

Best regards,
Si Hwan Lee

(Attachment vercel-debug.txt is missing)

4

I don’t see vercel-debug.txt. Can you share it again? Can you also temporarily disable antivirus and see if it helps?

5

Hello,

Here is the information you requested:

  • Domain with issue: atmedia-nextjs.vercel.app

Regarding your questions:

  • Antivirus Software: Yes, I am currently using AhnLab V3 Lite.

  • Browser Extensions: No significant extensions that would affect the connection.

  • VPN: No, I am not using a VPN.

  • Corporate Proxy: No, I am not behind any corporate proxy.

As I was unable to attach the vercel-debug.txt file due to attachment restrictions,
please let me know if there is an alternative way to send the debug file to you.

Thank you very much for your support!

6

Can you try disabling it and see if it works?

You can upload the attachment on Google drive or similar platform and share the link.

7

Hello,

Thank you for your reply.

I have uploaded the vercel-debug.txt file to Google Drive. Here is the link:
https://drive.google.com/file/d/15HirYdV9vkeVRVlEAq_bKukVfSIj-Rwj/view?usp=sharing

I have also temporarily disabled my antivirus software (AhnLab V3 Lite) and tested accessing [https://atmedia-nextjs.vercel.app/](https://atmedia-nextjs.vercel.app/), but the SSL error still persists.

Additionally, upon further inspection, it seems that the SSL certificate currently served for atmedia-nextjs.vercel.app is issued for *.vercel.sh instead of *.vercel.app.

Because of this mismatch, browsers are throwing the error NET::ERR_CERT_COMMON_NAME_INVALID and blocking access to the site.

Could you please verify and correct the SSL certificate associated with this project?

Please let me know if you need any further information.

Thank you very much!

Best regards,
Si Hwan Lee

Vercel
Vercel122×105 682 Bytes

Swarnava Sengupta swarnava Vercel Staff
April 28

Bullcherry:

  • Antivirus Software: Yes, I am currently using AhnLab V3 Lite.

Can you try disabling it and see if it works?

You can upload the attachment on Google drive or similar platform and share the link.

8

The Problem

  1. DNS Poisoning: Your local DNS resolver is returning an incorrect IP address (121.189.57.82) for atmedia-nextjs.vercel.app
  2. Malicious Redirect: When connecting to this incorrect IP, you’re redirected to http://warning.or.kr
  3. SSL Failure: The SSL handshake fails because the certificate doesn’t match the domain you’re trying to access

Evidence from Logs

  • Your local DNS resolves to: 121.189.57.82
  • Google’s DNS (8.8.8.8) resolves to the correct Vercel IPs: 216.198.79.1 and 64.29.17.1
  • The connection log shows a 302 redirect to warning.or.kr:
< HTTP/1.1 302 Found
< Location: http://warning.or.kr

Recommended Solutions

  1. Change DNS Servers: Configure your network to use Google’s DNS (8.8.8.8 and 8.8.4.4) or Cloudflare’s DNS (1.1.1.1)
  2. Check for Malware: Run a full system scan as DNS poisoning can be caused by malware
  3. Flush DNS Cache: Run the following command as administrator:
ipconfig /flushdns

  1. Check Hosts File: Ensure your hosts file doesn’t contain malicious entries:

  2. Windows: C:\Windows\System32\drivers\etc\hosts

  3. Linux/Mac: /etc/hosts

  4. Contact Your ISP: If the issue persists, your ISP’s DNS servers might be compromised

This appears to be a ISP issue rather than a configuration problem with your application. You can see SSL certificate is correctly installed here: SSL Checker

9

Hello,

I would like to provide some additional information regarding the SSL certificate issue.

It seems that the same SSL error (NET::ERR_CERT_COMMON_NAME_INVALID) is occurring across multiple projects deployed under my account, not just atmedia-nextjs.vercel.app.

Here are the other affected projects:

It appears that this SSL issue is affecting all my .vercel.app deployments.

Could you please check and help correct the SSL certificates for all of these projects as well?

Thank you very much for your assistance!

Best regards,
Si Hwan Lee

10

The SSL certificate is correctly installed which you can use third party service like SSL Checker or SSLlabs test to verify. Your DNS system is currently pointing to a different gateway which is causing the SSL issue. If you try switching DNS to Cloudflare or Google DNS or any other DNS service, it might work.

11

Hello,

Thank you very much for your detailed guidance and support.

I have followed your recommendations, changed my DNS settings, and now everything is working correctly.

I really appreciate your help and prompt responses throughout the process.

Best regards,
Si Hwan Lee

1 Like
12

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.