cURL error 51: SSL: No alternative certificate subject name matches target host name

If the SSL library installed on your server is outdated (OpenSSL/0.9.8b) you might come across this error while trying to download templates from our cloud. More details about the issue below:

The Problem

When the template cloud installed your site sends a request to our server, it goes through secure connections. These connections run through a firewall, which keeps our server safe from attacks such as DDoS. To be able to do that, we use a system called Server Name Indication (SNI). Every browser after IE6 supports this, and every major CURL version released after March 2008 supports this.

If your server is still using a software older than that, this issue will be obvious.

The Solution

Just ask your hosting provider to update OpenSSL library and you should be OK. The OpenSSL version used should be 1.0 or higher that supports SNI. You may share this article with your host.

Technical Background

To be able to use SNI, you need:

  1. A version of CURL that supports it, at least 7.18.1. The CURL 7.18.1 was released on March 30th, 2008.
  2. This version of CURL should be compiled against a library that supports SNI, usually OpenSSL 1.0 or higher as that enables TLS by default.
Not the solution you are looking for? Check other articles, or open a support ticket.