Domain with wildcard-certificate

My domain name is roozbehkm.ir
and the check your website is :

Hi @smesgary

I’ve moved your question to a new topic, makes things easier.

There are two errors visible.

Your certificate

CN=*.roozbehkm.ir
	24.04.2019
	23.07.2019
expires in 77 days	*.roozbehkm.ir - 1 entry 

has only the * domain name. So that certificate doesn’t work with your main domain roozbehkm.ir.

Create one certificate with both domain names:

roozbehkm.ir
*.roozbehkm.ir

If you create such a certificate and install it, https without www should work.

And there is a Bad Gateway error:

Domainname Http-Status redirect Sec. G
http://roozbehkm.ir/
185.143.232.5 301 https://roozbehkm.ir/ 0.203 A
http://roozbehkm.ir/
185.143.235.5 301 https://roozbehkm.ir/ 0.047 A
http://www.roozbehkm.ir/
185.143.232.5 301 https://www.roozbehkm.ir/ 0.200 A
http://www.roozbehkm.ir/
185.143.235.5 301 https://www.roozbehkm.ir/ 0.043 A
https://roozbehkm.ir/
185.143.232.5 200 1.526 N
Certificate error: RemoteCertificateNameMismatch
https://roozbehkm.ir/
185.143.235.5 200 0.614 N
Certificate error: RemoteCertificateNameMismatch
https://www.roozbehkm.ir/
185.143.232.5 502 3.340 S
Bad Gateway
https://www.roozbehkm.ir/
185.143.235.5 502 3.273 S
Bad Gateway

But checking the www version with my browser there is a rare error message:

SSL_ERROR_INTERNAL_ERROR_ALERT

No more details. Is there an internal proxy or something else?

Perhaps add some informations about your configuration:


Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.