Adding extra domain to certificate, locally ok, via web not added

Hello,

In the past I made an certificate based on:

certbot certonly --manual --preferred-challenges dns --server https://acme-v02.api.letsencrypt.org/directory --manual-public-ip-logging-ok --agree-tos -d [domain-no-www]

I added now a domain with following command:

certbot certonly --manual --preferred-challenges dns -d [domain-no-www] -d [domain-with-www]

I check my certificate locally:

certbot certificates

which shows me:


Certificate Name: [domain-no-www]
Domains: [domain-no-www] [domain-with-www]
Expiry Date: 2020-05-18 09:50:38+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/[domain-no-www]/fullchain.pem
Private Key Path: /etc/letsencrypt/live/[domain-no-www]/privkey.pem

Browsing to https://[domain-with-www], Firefox says:

Websites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for [domain-with-www]. The certificate is only valid for [domain-no-www].

https://www.sslshopper.com shows the same problem.

Apache config for virtual domain [domain-no-www] contains

ServerName [domain-no-www]
ServerAlias [domain-with-www]

What is going wrong?
Many thanks in advance for your suggestions

1 Like

What’s your domain name?
Did you change your certificate path in virtual host configuration after get the new certificate?

Thank you

1 Like

gdpr-cockpit.nl
as for as I can reconstruct, the path (/etc/letsencrypt/live/[domain-no-www]/) hasn’t changed
What do you suggest I try? (revoke, renew…?)

Reload your web server application, like sudo service apache2 reload or sudo service nginx reload. (certbot certonly does not do this for you, so your web server application will not realize that there is a new certificate present on disk!)

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.