My site https://www.kindlecrack.net had a valid Lets Encrypt certificate. I forwarded to a new url https://kcrackbookreviews.net Now, I’m getting an error on my site https://www.kindlecrack.net that says it’s unsafe! How do I get my certificate to work with both urls?!
I attached two photos
54%20PM|690x412
Thank you!
Cheri
Hi @KCBR
there are already checks of your domain ( https://check-your-website.server-daten.de/?q=kcrackbookreviews.net ):
| Domainname | Http-Status | redirect | Sec. | G |
|---|---|---|---|---|
| • http://kindlecrack.net/ | ||||
| 184.168.131.241 | 301 | https://kcrackbookreviews.net | 0.384 | E |
| • http://www.kindlecrack.net/ | ||||
| 184.168.131.241 | 301 | https://kcrackbookreviews.net | 0.364 | E |
| • http://www.kcrackbookreviews.net | 301 | https://www.kcrackbookreviews.net/ | 0.254 | A |
| • https://kindlecrack.net/ | ||||
| 184.168.131.241 | 301 | https://kcrackbookreviews.net | 1.787 | N |
| Certificate error: RemoteCertificateNameMismatch | ||||
| • https://www.kindlecrack.net/ | ||||
| 184.168.131.241 | 301 | https://kcrackbookreviews.net | 1.593 | N |
| Certificate error: RemoteCertificateNameMismatch | ||||
| • https://kcrackbookreviews.net | 301 | http://www.kcrackbookreviews.net | 1.873 | N |
| Certificate error: RemoteCertificateNameMismatch | ||||
| • https://www.kcrackbookreviews.net/ | 200 | 0.606 | I |
The kindlecrack.net uses
CN=shortener.secureserver.net, O="Special Domain Services, LLC",
L=Scottsdale, S=Arizona, C=US, SERIALNUMBER=R17247303,
OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Arizona, OID.1.3.6.1.4.1.311.60.2.1.3=US
27.09.2018
27.09.2020
expires in 521 days
shortener.secureserver.net, www.shortener.secureserver.net - 2 entries
as certificate, not a Letsencrypt certificate.
Is this your hoster? How did you create the certificate? What's your environment?
--
There is a standard template from Help
--
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
I’m a novice at all of this…So please be patient with me 
My domain is: Orginal kindlecrack.net and fwd to kcrackbookreviews.net
I ran this command: I tried to access my site using an incognito browser on Chrome and my iphone.
It produced this output: the Attached photo that kindlecrack.net is not safe. The certificate is valid on kcrackbookreviews.net
My web server is (include version): ? Maybe this will help with answers? https://check-your-website.server-daten.de/?q=kcrackbookreviews.net
The operating system my web server runs on is (include version):?
My hosting provider, if applicable, is: Godaddy
I can login to a root shell on my machine (yes or no, or I don’t know): I don’t know
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Godaddy
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): I think Google Trust Authority. Attached photo of certificate.
Then there is no certificate installed. So if you use https, you see the certificate of your hoster or something else.
If you want to use https, you need a certificate. And you have to install it.
But it's possible that you can't do that.
Your www-version has a correct Letsencrypt certificate:
CN=www.kcrackbookreviews.net
23.02.2019
24.05.2019
expires in 29 days www.kcrackbookreviews.net - 1 entry
That's good. But your dns settings:
| Host | T | IP-Address | is auth. | ∑ Queries | ∑ Timeout |
|---|---|---|---|---|---|
| kcrackbookreviews.net | A | 184.168.131.241 | yes | 1 | 0 |
| AAAA | yes | ||||
| www.kcrackbookreviews.net | C | ghs.google.com | yes | 1 | 0 |
| A | 216.58.212.179 | yes | |||
| AAAA | 2a00:1450:400e:801::2013 | yes |
So your www version uses a CNAME and Google is the hoster.
Looks like Google has created and installed the Letsencrypt certificate.
184.168.131.241 - is this the ip of your own server? No, there is a redirect to
Looks like your non-www version doesn't have own content.
Thank you for the quick reply$B!G(Bs. The certificate was on kindlecrack and not on it anymore since I redirected to kcrackbookreviews. I$B!G(Bm totally confused:) I don$B!G(Bt want folks to think my kindlecrack site is going to steal info (
like the photo I sent two notes ago). What should I do?
I think the IP address is from Google since it$B!G(Bs a Blogger web site?
Also why would www not have content? Should I check under Google console?
Starting there:
How does this forwarding works? Looks like you do that in a wrong way, with the service of shortener.secureserver.net, that removes your own certificate.
A "regular forwarding" (with http status 301) works with an own certificate.
So where did you install the certificate (and how)?
I believe I installed it in the Go Daddy DNS files?
Unfortunately, that’s not the kind of forwarding that you need here, and it won’t work with HTTPS. You’ll need to change the DNS setting back to point directly at your server, and then configure your server to send a 301 redirect. This is the same problem that @JuergenAuer was concerned about.
I’m going to give it a shot! Thank you so much for your help.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.