Certificate works only on domain.gr not on www.domain.gr

My domain is: www.efpsychis.gr

My web server is (include version): nginx and docker

The operating system my web server runs on is (include version): linux

My hosting provider, if applicable, is: digital ocean droplet

I can login to a root shell on my machine (yes or no, or I don't know): yes

I installed a certificate using certbot on efpsychis.gr; when visiting www.efpsychis.gr, the cert is not working.

Hi @Inpanic4, and welcome to the LE community forum :slight_smile:

You need to get a certificate that has both names on it.

What was the certbot command used to get the certificate?

4 Likes

[unrelated to your problem]
Also, the site permits some weak protocols and ciphers:
SSL Server Test: efpsychis.gr (Powered by Qualys SSL Labs)

5 Likes

Thanks for the quick reply!!
docker compose -f docker-compose.prod.yml run --rm certbot certonly -d efpsychis.gr
After some searching I also generated a cert for www.efpsychis.gr using the same command as above.

The docker compose has the volumes at the nginx container and certbot image.

SSL checker says: Hostname: Doesn't match Common Name or/and SANs

Try:

docker compose -f docker-compose.prod.yml run \
--rm certbot certonly -d efpsychis.gr -d www.efpsychis.gr

[if you haven't already done so]

4 Likes

The certonly subcommand will only get you a certificate; you need to install it yourself. If you installed it incorrectly into your webserver, you can get these kinds of inconsistent results.

Speaking about inconsistent: looking at your cert history at https://crt.sh/?deduplicate=Y&q=efpsychis.gr it looks like you've renewed most of the older certs except for the www subdomain. And the dates of renewal are also not consistent it seems: the latest cert for `awstats` was issued a day after you'd expect. Do you have renewal automated?

Also, I'm interested what kind of certificates are currently available to Certbot, as it's relatively easy to suddenly have two certs for the domain with overlapping certs. Usually you could just run sudo certbot certificates, but with Docker I have no idea how that would work.

4 Likes

Found the following certs:
Certificate Name: efpsychis.gr
Serial Number: 33e1412e7f86573d1524062f74779a2338c
Key Type: ECDSA
Domains: efpsychis.gr
Expiry Date: 2023-05-13 18:12:16+00:00 (VALID: 74 days)
Certificate Path: /etc/letsencrypt/live/efpsychis.gr/fullchain.pem
Private Key Path: /etc/letsencrypt/live/efpsychis.gr/privkey.pem
Certificate Name: www.efpsychis.gr
Serial Number: 33baed59aafbf72b26cca6903cfdc533f82
Key Type: ECDSA
Domains: www.efpsychis.gr
Expiry Date: 2023-05-28 17:40:48+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/www.efpsychis.gr/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.efpsychis.gr/privkey.pem

1 Like

Unless you are providing different content for each name, they could easily be served from the same vhost and using one certificate [with both names on it].

Each LE certificate can hold up to 100 names.

3 Likes

I agree with Rudy, especially for the www subdomain I would integrate both hostnames into a single certificate.

4 Likes

Renewing an existing certificate for efpsychis.gr and www.efpsychis.gr

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/efpsychis.gr/fullchain.pem
Key is saved at: /etc/letsencrypt/live/efpsychis.gr/privkey.pem
This certificate expires on 2023-05-28.
These files will be updated when the certificate renews.

Show again:
certbot certificates

3 Likes

Found the following certs:
Certificate Name: efpsychis.gr
Serial Number: 4dac247ca584bb40229e40c22dabc0e0d0b
Key Type: ECDSA
Domains: efpsychis.gr www.efpsychis.gr
Expiry Date: 2023-05-28 18:09:29+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/efpsychis.gr/fullchain.pem
Private Key Path: /etc/letsencrypt/live/efpsychis.gr/privkey.pem
Certificate Name: www.efpsychis.gr
Serial Number: 33baed59aafbf72b26cca6903cfdc533f82
Key Type: ECDSA
Domains: www.efpsychis.gr
Expiry Date: 2023-05-28 17:40:48+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/www.efpsychis.gr/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.efpsychis.gr/privkey.pem

1 Like

OK, you can remove the second cert:
certbot delete --cert-name www.efpsychis.gr

Then restart/reload the web server for it to use the latest cert.

5 Likes
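The check done by eye in this thread (which names each certificate covers, and whether two certificates overlap) can be scripted. This is an added example, not part of the original thread or of Certbot; the function names are hypothetical, and it assumes the `certbot certificates` text layout shown above.

```python
# Constructed from the `certbot certificates` output posted above (trimmed).
SAMPLE = """\
Found the following certs:
Certificate Name: efpsychis.gr
Serial Number: 4dac247ca584bb40229e40c22dabc0e0d0b
Domains: efpsychis.gr www.efpsychis.gr
Expiry Date: 2023-05-28 18:09:29+00:00 (VALID: 89 days)
Certificate Name: www.efpsychis.gr
Serial Number: 33baed59aafbf72b26cca6903cfdc533f82
Domains: www.efpsychis.gr
Expiry Date: 2023-05-28 17:40:48+00:00 (VALID: 89 days)
"""

# Hypothetical helper names; only the text layout comes from the thread.
def parse_lineages(text):
    """Map each certificate name to the list of domains on it."""
    lineages, current = {}, None
    for line in text.splitlines():
        key, _, value = line.strip().partition(":")
        if key == "Certificate Name":
            current = value.strip()
            lineages[current] = []
        elif key == "Domains" and current is not None:
            lineages[current] = value.split()
    return lineages

def san_matches(san, host):
    """Exact match, or a wildcard covering exactly one leftmost label."""
    san, host = san.lower(), host.lower().rstrip(".")
    if san.startswith("*."):
        return "." in host and host.split(".", 1)[1] == san[2:]
    return san == host

def audit(text, hostnames):
    """Return (uncovered hostnames, {hostname: [lineages]} for overlaps)."""
    lineages = parse_lineages(text)
    uncovered, overlaps = [], {}
    for host in hostnames:
        covering = [name for name, sans in lineages.items()
                    if any(san_matches(s, host) for s in sans)]
        if not covering:
            uncovered.append(host)
        elif len(covering) > 1:
            overlaps[host] = covering
    return uncovered, overlaps

if __name__ == "__main__":
    print(audit(SAMPLE, ["efpsychis.gr", "www.efpsychis.gr"]))
```

An uncovered name is what produces the "Doesn't match Common Name or/and SANs" result; an overlap means the web server may be pointed at either lineage, so the redundant one is a candidate for `certbot delete`.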

You rock!! Thanks

4 Likes

Now the site can be reached (securely) via both names:
SSL Server Test: efpsychis.gr (Powered by Qualys SSL Labs)
SSL Server Test: www.efpsychis.gr (Powered by Qualys SSL Labs)

That said, it is still showing some very weak protocols and ciphers :frowning:

Cheers from Miami :beers:

Also, if you registered your email address when obtaining the certs, you should expect an expiration notice about that deleted second cert in about 70 days. You can safely ignore those. :slight_smile:

6 Likes