Domain is using certificate from another domain

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: eduzz.com.br

I ran this command: sudo certbot -d eduzz.com.br

It produced this output:

Certificate Name: eduzz.com.br
    Domains: eduzz.com.br
    Expiry Date: 2019-09-26 13:27:23+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/eduzz.com.br/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/eduzz.com.br/privkey.pem

My web server is (include version): Server version: Apache/2.4.6 (CentOS)

The operating system my web server runs on is (include version): NAME=“CentOS Linux”
VERSION=“7 (Core)”

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.34.2

When accessing https://www.eduzz.com.br and in “Advanced”: 'This server was unable to prove that it is www.eduzz.com.br. The security certificate is from api.eduzz.com. This may be caused by an incorrect configuration or by the interception of your connection by an attacker. ’

1 Like

Hi @wexllen

checking your domain there are timeouts ( https://check-your-website.server-daten.de/?q=eduzz.com.br ):

Domainname Http-Status redirect Sec. G
http://eduzz.com.br/
3.91.45.239 301 https://eduzz.com/ 0.230 E
http://www.eduzz.com.br/
3.91.45.239 301 https://www.eduzz.com/ 0.227 E
https://eduzz.com.br/
3.91.45.239 -14 10.027 T
Timeout - The operation has timed out
https://www.eduzz.com.br/
3.91.45.239 -14 10.027 T
Timeout - The operation has timed out
https://eduzz.com/ -14 10.026 T
Timeout - The operation has timed out
https://www.eduzz.com/ 200 1.530 I

And you have a redirect to the com domain. That domain has the correct certificate.

You use an Apache. Perhaps the wrong vHost is used.

What says

apachectl -S
1 Like

Thanks for responding promptly @JuergenAuer. The output I get on apachectl -S is:

AH00112: Warning: DocumentRoot [/var/www/fabio.devzz.ninja] does not exist
VirtualHost configuration:
*:80                   is a NameVirtualHost
         default server api.eduzz.com (/etc/httpd/vhosts/api.eduzz.com.conf:1)
         port 80 namevhost api.eduzz.com (/etc/httpd/vhosts/api.eduzz.com.conf:1)
         port 80 namevhost appmobile.eduzz.com (/etc/httpd/vhosts/appmobile.eduzz.com.conf:1)
         port 80 namevhost ip-172-32-31-177.ec2.internal (/etc/httpd/vhosts/default.conf:1)
         port 80 namevhost www.eduzz.com.br (/etc/httpd/vhosts/eduzz.com.br.conf:1)
         port 80 namevhost eduzz.com.br (/etc/httpd/vhosts/eduzz.com.br.conf:7)
         port 80 namevhost eduzz.com (/etc/httpd/vhosts/eduzz.com.conf:1)
         port 80 namevhost eduzz.info (/etc/httpd/vhosts/eduzz.info.conf:1)
                 alias www.eduzz.info
         port 80 namevhost edz.la (/etc/httpd/vhosts/edz.la.conf:1)
                 alias edzz.la
         port 80 namevhost edzz.la (/etc/httpd/vhosts/edzz.la.conf:1)
                 alias edzz.la
         port 80 namevhost fabio.devzz.ninja (/etc/httpd/vhosts/fabio.devzz.ninja.conf:1)
         port 80 namevhost g.eduzz.com (/etc/httpd/vhosts/g.eduzz.com.conf:1)
         port 80 namevhost logzz.eduzz.com (/etc/httpd/vhosts/logzz.eduzz.com.conf:1)
         port 80 namevhost my.eduzz.com (/etc/httpd/vhosts/my.eduzz.com.conf:1)
         port 80 namevhost www.eduzz.com.br (/etc/httpd/vhosts/redirect.conf:1)
         port 80 namevhost www.eduzz.com (/etc/httpd/vhosts/redirect.conf:6)
                 alias eduzz.com.br
         port 80 namevhost www.eduzz.pt (/etc/httpd/vhosts/redirect.conf:16)
         port 80 namevhost www.edz.la (/etc/httpd/vhosts/redirect.conf:21)
         port 80 namevhost www.edzz.la (/etc/httpd/vhosts/redirect.conf:29)
         port 80 namevhost files.eduzz.com (/etc/httpd/vhosts/redirect.conf:37)
         port 80 namevhost edz.la (/etc/httpd/conf.d/le-redirect-edz.la.conf:1)
*:443                  is a NameVirtualHost
         default server api.eduzz.com (/etc/httpd/vhosts/api.eduzz.com.conf:14)
         port 443 namevhost api.eduzz.com (/etc/httpd/vhosts/api.eduzz.com.conf:14)
         port 443 namevhost appmobile.eduzz.com (/etc/httpd/vhosts/appmobile.eduzz.com.conf:14)
         port 443 namevhost eduzz.com (/etc/httpd/vhosts/eduzz.com.conf:15)
         port 443 namevhost eduzz.info (/etc/httpd/vhosts/eduzz.info.conf:16)
         port 443 namevhost edz.la (/etc/httpd/vhosts/edz.la.conf:19)
         port 443 namevhost edzz.la (/etc/httpd/vhosts/edzz.la.conf:18)
                 alias edzz.la
         port 443 namevhost g.eduzz.com (/etc/httpd/vhosts/g.eduzz.com.conf:14)
         port 443 namevhost logzz.eduzz.com (/etc/httpd/vhosts/logzz.eduzz.com.conf:14)
         port 443 namevhost my.eduzz.com (/etc/httpd/vhosts/my.eduzz.com.conf:15)
         port 443 namevhost www.edz.la (/etc/httpd/vhosts/redirect-le-ssl.conf:2)
         port 443 namevhost www.edzz.la (/etc/httpd/vhosts/redirect-le-ssl.conf:12)
         port 443 namevhost www.eduzz.com (/etc/httpd/vhosts/redirect-le-ssl.conf:22)
                 alias eduzz.com.br
         port 443 namevhost ip-172-32-31-177.ec2.internal (/etc/httpd/conf.d/ssl.conf:56)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/default"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex authdigest-opaque: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default 
Mutex mpm-accept: using_defaults
PidFile: "/run/httpd/httpd.pid"
Define: _RH_HAS_HTTPPROTOCOLOPTIONS
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48
[root@ip-172-32-31-177 centos]# 
[root@ip-172-32-31-177 centos]# apachectl -S
AH00112: Warning: DocumentRoot [/var/www/fabio.devzz.ninja] does not exist
VirtualHost configuration:
*:80                   is a NameVirtualHost
         default server api.eduzz.com (/etc/httpd/vhosts/api.eduzz.com.conf:1)
         port 80 namevhost api.eduzz.com (/etc/httpd/vhosts/api.eduzz.com.conf:1)
         port 80 namevhost appmobile.eduzz.com (/etc/httpd/vhosts/appmobile.eduzz.com.conf:1)
         port 80 namevhost ip-172-32-31-177.ec2.internal (/etc/httpd/vhosts/default.conf:1)
         port 80 namevhost www.eduzz.com.br (/etc/httpd/vhosts/eduzz.com.br.conf:1)
         port 80 namevhost eduzz.com.br (/etc/httpd/vhosts/eduzz.com.br.conf:7)
         port 80 namevhost eduzz.com (/etc/httpd/vhosts/eduzz.com.conf:1)
         port 80 namevhost eduzz.info (/etc/httpd/vhosts/eduzz.info.conf:1)
                 alias www.eduzz.info
         port 80 namevhost edz.la (/etc/httpd/vhosts/edz.la.conf:1)
                 alias edzz.la
         port 80 namevhost edzz.la (/etc/httpd/vhosts/edzz.la.conf:1)
                 alias edzz.la
         port 80 namevhost fabio.devzz.ninja (/etc/httpd/vhosts/fabio.devzz.ninja.conf:1)
         port 80 namevhost g.eduzz.com (/etc/httpd/vhosts/g.eduzz.com.conf:1)
         port 80 namevhost logzz.eduzz.com (/etc/httpd/vhosts/logzz.eduzz.com.conf:1)
         port 80 namevhost my.eduzz.com (/etc/httpd/vhosts/my.eduzz.com.conf:1)
         port 80 namevhost www.eduzz.com.br (/etc/httpd/vhosts/redirect.conf:1)
         port 80 namevhost www.eduzz.com (/etc/httpd/vhosts/redirect.conf:6)
                 alias eduzz.com.br
         port 80 namevhost www.eduzz.pt (/etc/httpd/vhosts/redirect.conf:16)
         port 80 namevhost www.edz.la (/etc/httpd/vhosts/redirect.conf:21)
         port 80 namevhost www.edzz.la (/etc/httpd/vhosts/redirect.conf:29)
         port 80 namevhost files.eduzz.com (/etc/httpd/vhosts/redirect.conf:37)
         port 80 namevhost edz.la (/etc/httpd/conf.d/le-redirect-edz.la.conf:1)
*:443                  is a NameVirtualHost
         default server api.eduzz.com (/etc/httpd/vhosts/api.eduzz.com.conf:14)
         port 443 namevhost api.eduzz.com (/etc/httpd/vhosts/api.eduzz.com.conf:14)
         port 443 namevhost appmobile.eduzz.com (/etc/httpd/vhosts/appmobile.eduzz.com.conf:14)
         port 443 namevhost eduzz.com (/etc/httpd/vhosts/eduzz.com.conf:15)
         port 443 namevhost eduzz.info (/etc/httpd/vhosts/eduzz.info.conf:16)
         port 443 namevhost edz.la (/etc/httpd/vhosts/edz.la.conf:19)
         port 443 namevhost edzz.la (/etc/httpd/vhosts/edzz.la.conf:18)
                 alias edzz.la
         port 443 namevhost g.eduzz.com (/etc/httpd/vhosts/g.eduzz.com.conf:14)
         port 443 namevhost logzz.eduzz.com (/etc/httpd/vhosts/logzz.eduzz.com.conf:14)
         port 443 namevhost my.eduzz.com (/etc/httpd/vhosts/my.eduzz.com.conf:15)
         port 443 namevhost www.edz.la (/etc/httpd/vhosts/redirect-le-ssl.conf:2)
         port 443 namevhost www.edzz.la (/etc/httpd/vhosts/redirect-le-ssl.conf:12)
         port 443 namevhost www.eduzz.com (/etc/httpd/vhosts/redirect-le-ssl.conf:22)
                 alias eduzz.com.br
         port 443 namevhost ip-172-32-31-177.ec2.internal (/etc/httpd/conf.d/ssl.conf:56)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/default"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex mpm-accept: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default 
PidFile: "/run/httpd/httpd.pid"
Define: _RH_HAS_HTTPPROTOCOLOPTIONS
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48
1 Like

There you see the problem:

The combination of port 80 and eduzz.com.br is duplicated. One own vHost, one alias.

Remove one of these entries.

Perhaps one vHost with non-www and www.

Same with all port 443 vHosts.

Every combination of port and domain name should be unique.

1 Like

Thanks for the @JuergenAuer guidelines. Provisionally what worked for me was to generate a certificate with “www” next to the domain name.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.