My certificate does not match the domain name

bloxium · July 17, 2019, 7:39pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.makermo.com

I ran this command: certbot certonly -d makermo.com -d www.makermo.com -d h1.makermo.com

It produced this output: success

My web server is (include version): Apache/2.4.29

The operating system my web server runs on is (include version): Ubuntu

My hosting provider, if applicable, is:AWS

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

I wanted to add a certificate for a the “h1” subdomain and did:
certbot certonly -d makermo.com -d www.makermo.com -d h1.makermo.com

My certificate is invalid:
https://h1.makermoo.com/embed/widget/

And issued to “agentct.com” which is another domain on our server…

Can someone point me in the right direction ?

Thank
You

Osiris · July 17, 2019, 7:56pm

You’ve used certonly in your certbot command line. You’re aware that only gives you a certificate, but you need to install that certificate in your webserver manually, right?

JuergenAuer · July 17, 2019, 8:15pm

Hi @bloxium

there is a check of your domain, ~~100 minutes old - https://check-your-website.server-daten.de/?q=makermoon.com

The non-www and the www use the correct certificate:

CN=makermoon.com
	15.07.2019
	13.10.2019
expires in 88 days	
h1.makermoon.com, 
makermoon.com, www.makermoon.com - 3 entries

So it's only a problem of your h1 subdomain. There is another certificate.

What says

apachectl -S

Looks like the wrong (default) vHost is used.

bloxium · July 17, 2019, 8:32pm

Hi Osiris/JuergenAuer, first a BIG thank you for helping me with that issue.

Thanks

JuergenAuer · July 17, 2019, 8:35pm

There

is your answer. There is no specific vHost with the subdomain.

So the default server is used -> and the certificate is wrong.

Create an own vHost with the subdomain as ServerName, there use the correct certificate.

JuergenAuer · July 17, 2019, 9:30pm

Your configuration is the answer.

The default server has the certificate with the correct domain name.

bloxium · July 17, 2019, 9:31pm

Yes ! Thank you very much I will check this out !

system · August 16, 2019, 9:31pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Certificate name does not match Help	2	772	March 4, 2020
Not able to generate certificate to my domain Help	6	366	September 22, 2023
Not Secure after certificate was issued Help	47	1219	February 22, 2023
Ssh certbot set fails Help	7	851	October 16, 2018
Problem with Hostinger Domain and Certbot Help	4	1212	May 5, 2023

My certificate does not match the domain name

Related topics