Can't validate on domain name the CSR code (ERROR: The CSR does not appear to be valid)

noione · March 7, 2019, 11:37am

Mar 1, what do you think please ?

schoen · March 8, 2019, 1:59am

It does seem that you got a certificate issued that covers both names, but the certificate is currently not set up on your server. I suspect that conflicts between Webmin and Certbot might be involved in this, but I don’t know much about how to manage these.

I would suggest making a definitive decision about whether you want to obtain your certificates with Webmin or with Certbot. After this, I would suggest

if you want to use Webmin, find someone on this forum or on another forum who is very familiar with it who can guide you with ensuring that Webmin succeeds in configuring your server correctly
if you want to use Certbot, please post your entire Apache configuration (at least, all of the files within /etc/httpd that define virtual hosts), and also the current output of certbot certificates

I’m really sorry for making you go in circles and potentially do the same things over and over again. I know a lot about how Certbot works, but very little about Webmin, and so I don’t understand very much about what to expect in the case where you’ve used both of them to configure your certificates.

noione · March 9, 2019, 10:53pm

Thank you for your response, i will reinstall my server so i would start from the beginning, please do you have any docs or guide so i’ll follow it to reinstall Certbot correctly ?

schoen · March 10, 2019, 8:49am

You can find instructions at https://certbot.eff.org/. (In this case, please don’t also use Webmin to request certificates or change HTTPS settings.)

noione · March 10, 2019, 8:02pm

I’ve reinstalled my server, and i didn’t use Webmin, juste following the instructions but i still have the same error of the navigator that the certificat not valid ‘Your SSL certificate does not match your domain name!’
Here is the result of ‘cerbot certicates’ :
certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Found the following certs:
Certificate Name: coques-telephone.com
Domains: coques-telephone.com www.coques-telephone.com
Expiry Date: 2019-06-08 18:47:41+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/coques-telephone.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/coques-telephone.com/privkey.pem

JuergenAuer · March 10, 2019, 8:19pm

Same as earlier.

Find these lines

and replace with the paths / files of your certbot certificates output.

Your website uses a self signed certificate:

E=root@vmi238974.contaboserver.net, 
CN=vmi238974.contaboserver.net, 
OU=SomeOrganizationalUnit, O=SomeOrganization, L=SomeCity, S=SomeState, C=--
	10.03.2019
	09.03.2020
expires in 365 days

schoen · March 10, 2019, 9:56pm

Now it seems to be working correctly!

noione · March 10, 2019, 10:01pm

Yes thank you so much @schoen and @JuergenAuer

JuergenAuer · March 10, 2019, 10:02pm

Yep, now there is a new Letsencrypt certificate:

CN=coques-telephone.com
	10.03.2019
	08.06.2019
expires in 90 days	coques-telephone.com, 
www.coques-telephone.com - 2 entries

schoen · March 11, 2019, 12:21am

Great! Sorry it took so long—I think things can get really complicated when you use both Certbot and Webmin to configure the same server!

system · April 10, 2019, 12:21am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
NET::ERR_CERT_COMMON_NAME_INVALID with only .org domains Server	7	1895	January 9, 2017
SSL on subdomain hosted on another server Help	12	3310	July 23, 2018
Certificate Invalid Help	7	558	May 7, 2019
My certificate invalid and issued by not Let's Encrypt Authority X3 Help	20	4814	April 1, 2020
SSL certificate is invalid on some computers Help	15	2030	February 6, 2021

Can't validate on domain name the CSR code (ERROR: The CSR does not appear to be valid)

Related topics