Facing the cURL error 51: SSL: no alternative certificate subject name matches target host name ‘websitedemos.net’ while importing the Astra Sites?
Here is the fix.
If the SSL library installed on your server is outdated (OpenSSL/0.9.8b) you might come across this error while trying to download templates from our cloud. More details about the issue below:
When the template cloud installed your site sends a request to our server, it goes through secure connections. These connections run through a firewall, which keeps our server safe from attacks such as DDoS. To be able to do that, we use a system called Server Name Indication (SNI). Every browser after IE6 supports this, and every major CURL version released after March 2008 supports this.
If your server is still using a software older than that, this issue will be obvious.
Just ask your hosting provider to update OpenSSL library and you should be OK. The OpenSSL version used should be 1.0 or higher that supports SNI. You may share this article with your host.
To be able to use SNI, you need:
- A version of CURL that supports it, at least 7.18.1. The CURL 7.18.1 was released on March 30th, 2008.
- This version of CURL should be compiled against a library that supports SNI, usually, OpenSSL 1.0 or higher as that enables TLS by default.