My domain is: www.integratedhealing.co.in, www.gkconstruction.xyz
My web server is (include version): tomcat8
The operating system my web server runs on is (include version): centos
I can login to a root shell on my machine (yes or no, or I don't know): YES
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): NO
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.11.0
Getting NET::ERR_CERT_COMMON_NAME_INVALID for second domain
Having certificate for both domain
Certificate Name: www.gkconstruction.xyz
Could you please share it with us? While I don't have experience with Tomcat, it seems your Tomcat is misconfigured, as it shows the certificate for www.integratedhealing.co.in when connecting to www.gkconstruction.xyz..
For "preformatted text" such as configuration file contents, you should put three backticks (```) above and below the contents of a file. That would prevent the forum software from trying to rendering the contents.
Obviously, that file or its contents refer only to the certificate of www.integratedhealing.co.in.. As I said, I'm not familiar with Tomcat. Could you perhaps elaborate of the origin of the contents? And perhaps share the rest of the entire Tomcat contents? You should also have a similar file for www.gkconstruction.xyz, although I'm not sure how that would fair with Tomcat..
Your help will be appreciated.
Somehow I am able to manage certificate for my both domain. https://www.integratedhealing.co.in this work with https
but for http://www.gkconstruction.xyz/ showing not secure
And if i try https.
This server could not prove that it is gkconstruction.xyz ; its security certificate is from www.gkconstruction.xyz . This may be caused by a misconfiguration or an attacker intercepting your connection.
You have two different certificates for the two domain names. If they're both being hosted by the same server, it may be a lot easier to create just one certificate instead that covers both names. Tomcat didn't support server-side SNI until more recent versions than the Tomcat 8 you say you're using.
Having tomcat 8.5 version. If I check in browser i got valid certificate for integratedhealing and if i try for gkconstruction i got certificate for gkconstruction but with error common name not matching. Can you please try ones from browser to get better idea.
If tomcat not supports can you please cartbot command to make one for both certificate
Created single certificate by below command and it works...
certbot --webroot -w /opt/tomcat/webapps/gkconstruction certonly -d www.gkconstruction.xyz -w /opt/tomcat/webapps/ih -d www.integratedhealing.co.in
An alternative to trying to get https working in Tomcat keep in mind techniques such as using nginx, apache or caddy as a front end for your web services, then proxying back to the tomcat services (which can be running on different ports etc as required).
This is a good way to work around limitations in Tomcat and ensures that you can keep your internet facing service up to date without destabilizing your tomcat application (which can be subject to compatibility issues when you have to upgrade tomcat itself).