Certificate not working when "www" used in URL

balham · January 13, 2023, 7:18am

My domain is: dementia-counselling.co.uk which is a WordPress site.

When I type www.dementia-counselling.co.uk as a URL, the certificate does not work. I have had the certificate since last October and successfully renewed it.

I installed the certificate using Really Simple SSL plugin which now indicates an error "Could not verify alias domain. Please check if the www version of your site also points to this website. If this is not the case, don't add this alias to your certificate." This seems to be a recent thing. I checked the DNS records and there is a CNAME record www.dementia-counselling.co.uk.

In Cpanel (SSL status section) - it states that I don't have a certificate for www.dementia-counselling.co.uk - only for dementia-counselling.co.uk. I don't know if it is relevant, but in the WordPress General Settings I give the site URL as dementia-counselling.co.uk (i.e. without the www).

Please accept my apologies that my technical knowledge is clearly way below most of you here - that's why I used the Really Simple SSL plugin but I would appreciate it if anyone could guide me as to how to correct this problem e.g. uninstall Really Simple SSL/the certificate ... or is there something relatively simple I could do to correct the problem?

Thank you.

My web server is (include version): Don't know.

The operating system my web server runs on is (include version): Don't know.

My hosting provider, if applicable, is: TSO Host (now part of GoDaddy)

I can login to a root shell on my machine (yes or no, or I don't know): I don't know.

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): - I'm using CPANEL to manually install the certificates once Really Simple SSL has produced the keys.

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): I am not using these.

rg305 · January 13, 2023, 7:23am

Hi @balham, and welcome to the LE community forum

As you can see from the certificate renewals:
crt.sh | dementia-counselling.co.uk
the www name wasn't included in the last renewal and it is why that name is having security issues.
[that cert expired on Jan 4]

I don't know why cPanel/Really Simple SSL plugin/WordPress have failed you, but that's not something this forum is dedicated to.

Maybe someone here has a similar setup and can advise you on them.

Until then, I would review them all for the missing "www".
AND
Also review any notes you have from when you originally secured the site with a certificate.

balham · January 13, 2023, 7:38am

Many thanks for your prompt response - much appreciated. You have clarified that the problem arose on renewal.

Is there anyway I can renew again for a fresh certificate?

rg305 · January 13, 2023, 7:40am

Yes, but you should be aware of the rate limits.
If you start to run into trouble, STOP, and switch to the testing/staging environment until all testing has been completed.

balham · January 13, 2023, 8:00am

Thanks for that. Can I do this within the Really Simple SSL Wordpress plugin?

rg305 · January 13, 2023, 8:09am

Sorry, I don't use it; So, I wouldn't know.

griffin · January 13, 2023, 11:17am

Just use CertSage and save yourself a lot of pain.

Bruce5051 · January 13, 2023, 5:59pm

https://decoder.link/sslchecker/www.dementia-counselling.co.uk/443 shows for the SANs on the DNS name dementia-counselling.co.uk but not the DNS name www.dementia-counselling.co.uk. You will need both on the Certificate Signing Request (CSR) in the SANs DNS section.

rg305 · January 13, 2023, 7:45pm

2 posts were merged into an existing topic: Invalid Response Errors

system · February 12, 2023, 7:45pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.