How do I correct an incorrect Common Name

On my VPS (running Debian Jessie) I have three sites being served by Nginx:, and I had LE make two certificates, one for and another to be shared by and its subdomain. In’s site config it references its certificate but when I go look at the certificate through my web browser it says the Common Name is instead of

How do I fix this?

I’m using Certbot 0.8.0-1~bpo8+2 and Nginx 1.6.2-5+deb8u2

This isn’t a critical issue as I can browse the sites just fine, I’d like to keep them separate as much as possible.


If there really are two certificates, then somehow the nginx configuration is wrongly pointing to the .info certificate for the site, and if you can’t figure out why you might try uploading the configuration, or excerpts from it, for people here to examine.

It’s also possible I guess that you actually didn’t end up asking for two different certificates after all, since you say you can “browse the sites just fine” which suggests the certificate being used is actually valid for any site you’re visiting. Your web browser should have a way to examine the certificate more closely and in there view “Subject Alternative (or Alternate) Names” (SANs) which are all the names the certificate is valid for, the CN is essentially obsolete at this point though it’s the first thing the browser displays up front.

Thanks for the reply. I’ll triple check the Nginx configs. Under “Certificate Subject Alt Name” for the certificate for it lists, and in that order.

Right so, this is one certificate that’s valid for all three names. You might want to check exactly which certificates you actually do have, is it just this one, or is there also one for just the .info names, or one for just the .com name

The certificate for and correctly list only those domains for their shared certificate. I guess I should just make a new cert for

If you want to, yes. Note that if you signed up with your email address, Let’s Encrypt will warn you when the cert you don’t want (with all three names) expires, even if you’re happily renewing the other certificates with two and one name respectively. The warnings are harmless, if you know you intended for that combination of names in a certificate to expire you don’t need to do anything, but I thought I’d mention it before it happens.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.