None of the common names in the certificate match the name that was entered (www.itresume.ru). You may receive an error when accessing this site in a web browser. Learn more about name mismatch errors.
Common name: simulative.ru
SANs: simulative.ru, www.simulative.ru
Valid from June 22, 2022 to September 20, 2022
Serial Number: 039f13a5a0a8b91c9d8b6cb7be84085c0478
Signature Algorithm: sha256WithRSAEncryption
Issuer: R3
My web server is:
nginx
The operating system my web server runs on is:
ubuntu
I can login to a root shell on my machine (yes or no, or I don't know):
yes
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 1.29.0
We tried to renew certificates but with no effect. Help please
Because the cert returned for the www is for your other domain simulative.ru so it looks like nginx is not matching the www.itresume.ru domain so is using the default server block (simulative?) instead.
And, you don't have a cert that covers the www.itresume.ru domain
If that server is handling https requests (port 443) it needs all the rest of the SSL config just like the server block for itresume.ru. Items like ssl_certificate and so on. You can check what cert your domain names return using a site like this one
This server block does not handle HTTPS requests since it is not listening on port 443 (and does not have any ssl config). It only redirects HTTP requests from a www request to http://(domain) but that is all it does. To make it redirect to HTTPS you should change $scheme to https
For https requests, when a request arrives for https://itresume.ru it goes to your default https server which is the first https server block or one marked default (in your case it is the simulative https server block). You can review the nginx docs for how server blocks are selected.
You have several options. Just two are:
One is to make a small server block configured for ssl with the server_name www.itresume.ru which just redirects to the https://itresume.ru$request_uri
Another idea is in your existing https server block for itresume.ru to change your server_name to this:
server_name itresume.ru www.itresume.ru;
And add this to that server block:
if ($host = www.itresume.ru) {
return 301 https://itresume.ru$request_uri;
}
In all cases, you should expand your cert to include the www.itresume.ru name