First question is arround CAA. I updated my BIND zone files (reverse and forward) with
"wo-lar.com. IN CAA 0 issue “letsencrypt.org”, but the SSL tests still show : DNS CAA No
The 2nd question is related to how to fix that the domain name does not match the certificate common name or SAN! I googled quite a bit, but cannot find a fix
My domain is: wo-lar.com (dynamic IP)
I ran this command:
https://www.ssllabs.com/ssltest/analyze.html?d=wo-lar.com
It produced this output:
Subject wolar-lhs
Fingerprint SHA256: a424212ba07dda51cc7bfb7ee2a4a5b52468443deb4488089898707703d8a227
Pin SHA256: nQeuKBb5webV2z0v0dHN0XIuIsA9geRwoBt43x+p62c=
Common names wolar-lhs
Alternative names - INVALID
I also tried to replace the certificate by running:
certbot --apache -d wo-lar.com -d www.wo-lar.com --expand
My web server is (include version): httpd 2.4
The operating system my web server runs on is (include version): CentOS Linux release 7.6.1810
My hosting provider, if applicable, is: Home Server
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Command line
Thanks for helping, Wolfgang