Error 502, Max No Certs & ERR_CERT_COMMON_NAME_INVALID


#1

Hello,

Firstly, may I apologise, I am quite clearly not a great tech guy, self taught and using goole has brought me to make some monumental errors here!

I have scoured this site and followed various advice, which has just made the web tangle a little further.

So here is the abridged version of events/ what has happened.

Applied SSL to all sites, everything is fine - did this via plesk installation. No issues, - renewed all sites to allow for with and without www. still no issue.

Tried to apply SSL for server. lots of issues here.
Created subdomain to match server hostname - created re-direct to actual domain.
Created SSL for this.

All is still fine.

Create server wide cert - Still get the “ERR_COMMON_NAME_INVALID” assume this is due to the cert not being linked to the IP address but the hostname.

All hosted sites fall into Error 502 - this is solved by regenerating core files.

Read on here about installing certbot - undertake these actions.
All appears fine - try regenerating server cert.
All drop to Error 502 and I now get Max No of Certs.

Yes I have well and truly made a mess on this one! Any guidance would be appreciated as to how to untangle this!

Ideally trying to get server https and all domains.
Yes I have access to SSH.

Server is running Plesk on CentOS7
Running: NGINX with Apache (on FastCGI )

As I say, any assistance would be super appreciated!


#2

Okay - so update is this:
Error 502 cleared when I rebooted my firewall.
(makes sense as this is a blocked connection - did wonder how SSL cert would cause that?)

From what I have read, I believe (and may be wrong)
LetsEncrypt only works with servers titled as domains - so the https will not work on the server when displayed as an IP address.


#3

Yes. Or rather, it will be treated as non-matching.


#4

Hi Tialaramex,

Thanks for the response.
Any pointers as to how I would resolve this?
(I am aware that this is a newbie question and I should have just got myself a managed service!)


#5

Use DNS names for things instead of IP addresses?


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.