Invalid name of certificate

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:sudo certbot --nginx --agree-tos --redirect --staple-ocsp -d --email

It produced this output:Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installe r nginx
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for
Waiting for verification…
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/
Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/

Congratulations! You have successfully enabled

You should test your configuration at:


  • Congratulations! Your certificate and chain have been saved at:
    Your key file has been saved at:
    Your cert will expire on 2019-11-02. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot again
    with the “certonly” option. To non-interactively renew all of
    your certificates, run “certbot renew”

  • If you like Certbot, please consider supporting our work by:

    Donating to ISRG / Let’s Encrypt:
    Donating to EFF:

My web server is (include version):nginx/1.14.0

The operating system my web server runs on is (include version):Ubuntu 18.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):certbot 0.31.0

Hi Guys,

So when I go to all is good but when I go to it says insecure site.

I think this might be due to me running

sudo certbot --nginx --agree-tos --redirect --staple-ocsp -d --email

when I think I should have run

sudo certbot --nginx --agree-tos --redirect --staple-ocsp -d --email

Would I be right? If so what is the solution? To run

sudo certbot --nginx --agree-tos --redirect --staple-ocsp -d

? Thank you for your help.

Hi @Jedi

you have created a certificate with one domain name:

Issuer not before not after Domain names LE-Duplicate next LE
Let’s Encrypt Authority X3 2019-08-04 2019-11-02 - 1 entries duplicate nr. 1

So your www-version isn’t secure.

You need one certificate with both domain names (ok, you could have different vHosts, but that’s not required).

So use two -d options:

sudo certbot --nginx --agree-tos --redirect --staple-ocsp -d -d --email

Then one vHost (with both domain names) can use one certificate (with the same both domain names).

First check, if your port 80 / port 443 have the correct server directive.

nginx -T
1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.