How do I replace information in a certificate

still has alternate names Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: Previously, I had mistakes when I created a certificate.
My Virtual host redirected to which must not exist.
I made a series of errors and had to restore my server
Now, with the new server - I added the virtual host in httpd.conf
Listen 80
<VirtualHost *:80>
Redirect permanent /
RewriteEngine on
RewriteCond %{SERVER_NAME}
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

And certbot added the httpd-le-ssl.conf and virtual host 443

<VirtualHost *:443>
Redirect permanent /
SSLCertificateFile /etc/letsencrypt/live/
SSLCertificateKeyFile /etc/letsencrypt/live/
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/

but it still says I have a CertificateNameMismatch
and when I view the certificate from error message when I try to go to my site, it says I’m on version 3
Is there something wrong with these virtual hosts?
Is there some way I can update the certificate if the names in it from last time are the problem? I am trying to strip it down to the one but the website check is still evaluating www too
I edited to add the screen print showing it still sees Alternate Names

thank you in advance for your help

It produced this output: I can’t go to my website because of the redirect

My web server is (include version): Digital Ocean droplet

The operating system my web server runs on is (include version): CentOS

My hosting provider, if applicable, is: none

I can login to a root shell on my machine (yes or no, or I don’t know): Y

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): N

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

1 Like

The site is using a self-signed cert (not one from LE).

What says?:
apachectl -S

1 Like

thank you @rg305

That was advice from my first post - New SSL Certificate not working NameMismatch and ChainErrors

How do I get rid of or change that?
I tried doing the same command with my restored server but I still have the same errors…

I never meant to self sign. How do I replace it with one from lets encrypt??


For some reason we’re seeing a re-emergence of an older bug with Certbot on CentOS, where some names use the CentOS default self-signed certificate.

This is probably in /etc/httpd/conf.d/ssl.conf — if you log into your server and move that file somewhere else (maybe to your home directory) and then restart Apache, it might go away. We still have to figure out why people are encountering this bug again!


Thank you @schoen! This did allow me to start over and it worked!
In case it helps - I think it was also because of a mistake I made. I had added my Virtual Host for port 80 directly into the main httpd.conf file instead of creating a new conf file in httpd/conf.d
I think that might have screwed the whole thing up.
Letsencrypt did add an include at the bottom of my httpd.conf for the httpd-le-ssl.conf file it created in that same httpd folder, so maybe this was anticipated, but in case it contributed to the error, I wanted to let you know.

Thank you for the help!

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.