Hello,
I have a problem with one of my cert.
I use 2 certs for my domain : https://kabelis.fr/
one cert for kabelis.fr and another one for www.kabelis.fr
superuser@server:/etc/letsencrypt/certs# ls
anotherservice.kabelis.fr kabelis.fr www.kabelis.fr
It produced this output:
https://imgur.com/a/It0hczF
i have tried to check my cert with SSL Checker :
None of the common names in the certificate match the name that was entered (www.kabelis.fr ). You may receive an error when accessing this site in a web browser.
https://www.sslshopper.com/ssl-checker.html#hostname=https://www.kabelis.fr/
https://www.sslshopper.com/ssl-checker.html#hostname=https://kabelis.fr/
My web server is (include version): debian 9 and apache 2.4
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no i use the shell like a true admin !
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot): dehytrated
can you help me with that ?
Hi @Thomas-Clauzel
your main configuration looks ok ( https://check-your-website.server-daten.de/?q=kabelis.fr ):
But your certificate
CN=kabelis.fr
22.01.2019
22.04.2019
expires in 69 days kabelis.fr - 1 entry
has only one domain name. So it looks that your www- and your non-www version are using the same vHost (that makes things simpler).
But then your certificate should have both domain names.
So create one certificate with the www- and the non-www version.
1 Like
rg305
February 12, 2019, 8:44pm
3
The www site has no certificate covering that name.
But it will need one to be able to forward any https://www requests elsewhere.
1 Like
Thanks guys.
my www and my non-www use the same vhost.
but myvhost use different directory :
non www : SSLCertificateFile /etc/letsencrypt/certs/kabelis.fr/cert.pem
www : SSLCertificateFile /etc/letsencrypt/certs/www.kabelis.fr/cert.pem
the first time we create the cert for this website we commit a mistak. In fact we need to create one certificat for www and non-www
old domains.txt
kabelis.fr
cloud.kabelis.fr
www.kabelis.fr
what i think do :
kabelis.fr www.kabelis.fr
cloud.kabelis.fr
what i need to do ?
1 step : revok my 2 certs
2 step : edit my domains.txt
3 step : dehydrated -c ?
How to revoke my certs ?
sorry for my bad english im french
Normally, one vHost uses one certificate. So that may be the problem.
Never revoke certificates if the private key isn't stolen. Copy these to another place, so you can reuse these.
Thomas-Clauzel:
3 step : dehydrated -c ?
I don't use dehydrated. But there should be an option to create one certificate with two domain names. Then use this with your vHost.
1 Like
rg305
February 13, 2019, 4:14pm
6
[[[ until you can combine both names into one cert - here is a workaround ]]]
If you have two certs then you will need two vhosts.
You can copy the existing VirtualHost section again into the same file.
[so that it is in there twice]
then change the ServerName s so that one is: kabelis.fr
and the other is: www.kabelis.fr
then update the certificate files accordingly…
[leave all else unchanged - and restart apache]
thank a lot
i will try the next week
can u let this discussion open for the moment ?
1 Like
rg305
February 14, 2019, 2:52pm
8
Discussions automatically closed after 1 month of no activity.
[I can't change that - so you have 30 days to continue it - without requiring admin intervention]
Thomas-Clauzel:
i will try the next week
"Next week" is short enough.
If the thread is closed, send a PM.
Or start a new topic, it's possible to merge two topics.
2 Likes
system
Closed
March 16, 2019, 2:55pm
10
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.