Net::err_cert_common_name_invalid

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
online-akademie.mind-systems.eu
I ran this command:
browser to domain
It produced this output:

Your connection is not private

Attackers might be trying to steal your information from 217.160.29.39 (for example, passwords, messages or credit cards). Learn more

NET::ERR_CERT_COMMON_NAME_INVALID
also browser shows my ip of my server: 217.160.29.39 instead of URL

This server could not prove that it is 217.160.29.39 ; its security certificate is from online-akademie.mind-systems.eu . This may be caused by a misconfiguration or an attacker intercepting your connection.

My web server is (include version):
moodle 3.6
The operating system my web server runs on is (include version):
bitnami moodle 3.6 centOS7
My hosting provider, if applicable, is:
1und1 / ionos
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): ?

I use lego to create the certificate and it was working fine.

I changed something at my domain dns settings from my provider where I forward to the IP of my cloudserver. the A forwards to 217.160.29.39 I also have http:/ forwarding to 217.160.29.39.

So there is some misconfiguration, I appreciate any help.

thanks.

1 Like

I first thought the problem may be IPv4 | IPv6 related; Where the site is probably NOT serving the exact same content for both.

But I can see that the problem is actually in the forwarding:
HTTP forwarding https://217.160.29.39
[which is only happening in the IPv6 connections - so maybe they aren’t serving the same content]