Hello! I recently bought a domain and decided to install a Letsencrypt certificate on it on a Digitalocean droplet. I followed the tutorial here and did sudo letsencrypt certonly -a webroot --webroot-path=/var/www/html -d example.com -d www.example.com
I also made it pass through Cloudflare for protection and now when I go to hask.me, it work (with Cloudflare SSL) and when I go to https://serverip I get this (net::ERR_CERT_COMMON_NAME_INVALID). and it doesnt redirect to my domain. but when I use http://serverip , it does redirect to the domain and I dont have any problem.
The thing I would like to fix here is the https://serverip , I also use Nginx
English is my second language sorry about the mistake I made
Without your domain name, itâs difficult to answer.
SSL certificates are only valid for domain names, so I would not expect it to work when using https://serverip (because the IP address used will not match the domain name.
If you are using cloudflare cache - then you will be using the SSL provided by cloudflare, not a Letâs Encrypt certificate.
But anyway, thatâs irrelevant: Letâs Encrypt doesnât support the issuing of certificates for IP addresses, so surfing to https://ip.add.re.ss with a LE cert will always give an error (the âhostnameâ, i.e. IP address can never match anything in thr cett). This isnât because something is broken, this is âby designâ.
This is always true for Let's Encrypt but not for every other CA: if you decide you really have a need for this, you can likely still get it from some other CA (presumably as a paid product). With SNI that could probably exist alongside a Let's Encrypt certificate.