My certificate does not match the domain name

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.makermo.com

I ran this command: certbot certonly -d makermo.com -d www.makermo.com -d h1.makermo.com

It produced this output: success

My web server is (include version): Apache/2.4.29

The operating system my web server runs on is (include version): Ubuntu

My hosting provider, if applicable, is:AWS

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

I wanted to add a certificate for a the “h1” subdomain and did:
certbot certonly -d makermo.com -d www.makermo.com -d h1.makermo.com

My certificate is invalid:
https://h1.makermoo.com/embed/widget/

And issued to “agentct.com” which is another domain on our server…

Can someone point me in the right direction ?

Thank
You

You’ve used certonly in your certbot command line. You’re aware that only gives you a certificate, but you need to install that certificate in your webserver manually, right?

Hi @bloxium

there is a check of your domain, ~~100 minutes old - https://check-your-website.server-daten.de/?q=makermoon.com

The non-www and the www use the correct certificate:

CN=makermoon.com
	15.07.2019
	13.10.2019
expires in 88 days	
h1.makermoon.com, 
makermoon.com, www.makermoon.com - 3 entries

So it’s only a problem of your h1 subdomain. There is another certificate.

What says

apachectl -S

Looks like the wrong (default) vHost is used.

Hi Osiris/JuergenAuer, first a BIG thank you for helping me with that issue.

Thanks

There

is your answer. There is no specific vHost with the subdomain.

So the default server is used -> and the certificate is wrong.

Create an own vHost with the subdomain as ServerName, there use the correct certificate.

Your configuration is the answer.

The default server has the certificate with the correct domain name.

Yes ! Thank you very much I will check this out !

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.