My operating system is (include version): Debian 8.5
My web server is (include version):Apache 2.4.10
- I have created certificates using SAN / AltName, initally for alpha.mydomain.fr, gamma.mydomain.fr, beta.mydomain.fr, delta.mydomain.fr (most probably I did a mistake at that time)
- certificates for alpha, gamma and delta work fine
- but not the certificate for beta, which constantly refers to alpha.
Outputs from https://www.sslshopper.com/csr-decoder.html on the generated CSRs:
for alpha:
Certificate Information:
Common Name: alpha.mydomain.fr
Subject Alternative Names: alpha.mydomain.fr
Valid From: September 5, 2016
Valid To: December 4, 2016
Issuer: Let’s Encrypt Authority X3, Let’s Encrypt
Serial Number: 03yyyyy
for beta:
Certificate Information:
Common Name: beta.mydomain.fr
Subject Alternative Names: alpha.mydomain.fr, gamma.mydomain.fr, beta.mydomain.fr, delta.mydomain.fr
Valid From: September 16, 2016
Valid To: December 15, 2016
Issuer: Let’s Encrypt Authority X3, Let’s Encrypt
Serial Number: 03xxxxx
Outputs from issuing openssl s_client -connect
# openssl s_client -connect alpha.mydomain.fr:443 -servername alpha.mydomain.fr
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let’s Encrypt, CN = Let’s Encrypt Authority X3
verify return:1
depth=0 CN = alpha.mydomain.fr
verify return:1
Certificate chain
0 s:/CN=alpha.mydomain.fr
i:/C=US/O=Let’s Encrypt/CN=Let’s Encrypt Authority X3
1 s:/C=US/O=Let’s Encrypt/CN=Let’s Encrypt Authority X3
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
#openssl s_client -connect beta.mydomain.fr:443 -servername beta.mydomain.fr
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let’s Encrypt, CN = Let’s Encrypt Authority X3
verify return:1
depth=0 CN = alpha.mydomain.fr
verify return:1
Certificate chain
0 s:/CN=alpha.mydomain.fr
i:/C=US/O=Let’s Encrypt/CN=Let’s Encrypt Authority X3
1 s:/C=US/O=Let’s Encrypt/CN=Let’s Encrypt Authority X3
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
How can I change that now?