Hey Guys,
So I’ve successfully got a valid certificate for my domain. But when I’m trying to CURL the virtualhost which is associated with it I’m getting this error:
curl --verbose --header 'Host:mydomain.com' https://127.0.0.1:443/
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* Server certificate:
* subject: CN=mydomain.com
* start date: Jun 21 12:30:15 2018 GMT
* expire date: Sep 19 12:30:15 2018 GMT
* common name: mydomain.com
* issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US
* NSS error -12276 (SSL_ERROR_BAD_CERT_DOMAIN)
* Unable to communicate securely with peer: requested domain name does not match the server's certificate.
* Closing connection 0
curl: (51) Unable to communicate securely with peer: requested domain name does not match the server's certificate.
The Virtualhost config loos like this:
Listen 443 https
<VirtualHost *:443>
ServerName "${APACHE_HOSTNAME}"
RemoteIPHeader X-Forwarded-For
RemoteIPTrustedProxy 172.31.0.0/16
<If "req('Host') != '${APACHE_HOSTNAME}'">
Redirect permanent / https://${APACHE_HOSTNAME}/
</If>
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/mydomain.com/cert.pem
SSLCertificateChainFile /etc/letsencrypt/live/mydomain.com/chain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.com/privkey.pem
</VirtualHost>
The ${APACHE_HOSTNAME} is mydomain.com
When I use the -k flag with the curl I get normally connected any ideas ?
Thanks !