Apache ssl:warn server name

Hi,

My vhost configured by certbot-auto is not working.

Log warning:
[ssl:warn] [pid 7064] AH01909: RSA certificate configured for 127.0.0.1:443 does NOT include an ID which matches the server name

My vhost config:
<IfModule mod_ssl.c>
<VirtualHost *:443>

        ServerAlias beta.timetech.com.br
        DocumentRoot /var/www/time/beta/public

        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>
        <Directory /var/www/time/beta/public>
                AllowOverride All
        </Directory>

    <Directorymatch "^/.*/\.git/">
        Order deny,allow
        Deny from all
    </Directorymatch>

        ErrorLog ${APACHE_LOG_DIR}/time_error.log
        LogLevel warn
        CustomLog ${APACHE_LOG_DIR}/time_access.log combined

SSLCertificateFile /etc/letsencrypt/live/beta.timetech.com.br/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/beta.timetech.com.br/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/beta.timetech.com.br/chain.pem
</VirtualHost>
</IfModule>

That’s odd! Could you post the original port 80 vhost? That’s what certbot-auto uses as a template for the SSL vhost. Maybe this happens when the port 80 vhost only defines a ServerAlias, but no ServerName.

pfg, you’re right. Both configurations have only ServerAlias.

I change the ServerAlias to ServerName in 80 and 443 configurations, restarted apache and still not working. Only port 80 works.

Warning has changed:
RSA certificate configured for beta.timetech.com.br:443 does NOT include an ID which matches the server name

telnet beta.timetech.com.br 443 results in a timeout. Maybe a firewall issue?

Warning has changed:
RSA certificate configured for beta.timetech.com.br:443 does NOT include an ID which matches the server name

The port 443 is open for all traffic in my EC2 Security Group.

Everything worked after restart my EC2 instance. Thanks pfg!

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.