Created a certificate through Certbot but Chrome is saying invalid cert

Help
1

Hi,

I created a cert using the below command and it ran without error and seemed to produce the files necessary. I’ve updated the vhost file to point at

SSLCertificateFile /etc/letsencrypt/live/mobilesignalsolutions.co.uk/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mobilesignalsolutions.co.uk/privkey.pem

And when I load my site on Chrome or Firefox it’s saying the certificate is not valid, but inspecting the cert from the address it appears to show that a certificate if present.

I must be missing something fundemental here, any help is greatly appreciated

My domain is: mobilesignalsolutions.co.uk

I ran this command: sudo certbot certonly --apache

It produced this output:

My web server is (include version): Ubuntu 18.0.4 LTS

The operating system my web server runs on is (include version): Linux 4.4

My hosting provider, if applicable, is: AWS

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

2

Hi @SteveORH

checking your domain you see the error ( https://check-your-website.server-daten.de/?q=mobilesignalsolutions.co.uk ):

Domainname Http-Status redirect Sec. G
http://mobilesignalsolutions.co.uk/
52.56.195.136 301 https://www.mobilesignalsolutions.co.uk/ 0.166 E
http://www.mobilesignalsolutions.co.uk/
52.56.195.136 301 https://www.mobilesignalsolutions.co.uk/ 0.130 A
https://mobilesignalsolutions.co.uk/
52.56.195.136 301 https://www.mobilesignalsolutions.co.uk/ 3.417 B
https://www.mobilesignalsolutions.co.uk/
52.56.195.136 200 3.590 N
Certificate error: RemoteCertificateNameMismatch

Your certificate has only one domain name:

CN=mobilesignalsolutions.co.uk
	13.08.2019
	11.11.2019
expires in 81 days	mobilesignalsolutions.co.uk - 1 entry

So your www version isn't secure.

Solution: Create one certificate with both domain names and use that instead.

sudo certbot certonly --apache -d mobilesignalsolutions.co.uk -d www.mobilesignalsolutions.co.uk
1 Like
3

Thanks Juergen!

I believe I have it now,

Thank you very much!

1 Like
4

Yep, your certificate is now correct. Rechecked your domain

CN=mobilesignalsolutions.co.uk
	22.08.2019
	20.11.2019
expires in 89 days	
mobilesignalsolutions.co.uk, www.mobilesignalsolutions.co.uk - 2 entries

the certificate has both domain names, both connections are secure.

Two other problems: Your 404 - page sends a http status 200 - that's a "softfail" (Google).

And your meta og:image doesn't work:

meta
	og:image
	https://dev.mobilesignalsolutions.com/wp-content/uploads/2019/04/mobile-signal-solutions-logo.png
	-1
	NameResolutionFailure - The remote name could not be resolved: 'dev.mobilesignalsolutions.com'
	1
	NameResolutionFailure - The remote name could not be resolved: 'dev.mobilesignalsolutions.com'

same with your twitter:image.

5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.