Addding subdomains to certificate

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: azure-developers.net

I ran this command: I used this link https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-using-lets-encrypt-certificates-with-wordpress to successfully generate a certificate for the above domain. However I missed the wildcard for www. I noticed that when a visitor told me that in chrome my site redirects him to non-www but in firefox the redirect doesn’t work and www shows a potential security risk.
I went ahead and repeated the same steps for the Wildcard (this time, it didn’t ask me this type to do any validation with txt) I got a question asking to extend the certificate, I did and I got successful message but the for some reason my site still shows the Warning. Do o I need to run any other command? I use Really simple ssl, I wonder if the plugin is aware of the changes? Thank you for your time.

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version): Apache

My hosting provider, if applicable, is: Amazon LightSail

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
SSH

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Hi @fmedina

checking your domain you have created two new certificates with both domain names - https://check-your-website.server-daten.de/?q=azure-developers.net

So the certificate creation has worked.

But you don't use one of these. Instead:

CN=azure-developers.net
	10.01.2020
	10.04.2020
expires in 90 days	azure-developers.net - 1 entry

You use one certificate with one domain name -> your www version isn't secure.

Check your client (I don't know how Really simple SSL works) how to see a list of created certificates.

And how to install such an existing certificate.

Don't create a new certificate, there is a rate limit.

PS: There is an Apache. What says

apachectl -S

Find your vHosts (one or two), change the certificate manual, restart your Apache.

Thank you so much for your quick and detailed reply. Are all of those certificates valid? I need to find out how to change the certificate, once I pick one, do I need to delete the rest? how do I go about it?

I was unable to find any information regarding Really Simple SSL. My question at this point would be. If I remove the duplicate certificates and leave only the one that includes the wildcard, I assume that Really simple ssl would use it as the primary. Could you please let me know what commands I need to run to safely remove the duplicate certificates?

Thank you again!

That's the wrong way. Please read my complete answer. And change your Apache vHost, that's your job.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.