None of the common names in the certificate match the name that was entered

Hello,
I have a problem with one of my cert.
I use 2 certs for my domain : https://kabelis.fr/
one cert for kabelis.fr and another one for www.kabelis.fr

superuser@server:/etc/letsencrypt/certs# ls
anotherservice.kabelis.fr kabelis.fr www.kabelis.fr

It produced this output:
https://imgur.com/a/It0hczF

i have tried to check my cert with SSL Checker :
None of the common names in the certificate match the name that was entered (www.kabelis.fr). You may receive an error when accessing this site in a web browser.

https://www.sslshopper.com/ssl-checker.html#hostname=https://www.kabelis.fr/
https://www.sslshopper.com/ssl-checker.html#hostname=https://kabelis.fr/

My web server is (include version): debian 9 and apache 2.4

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no i use the shell like a true admin !

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): dehytrated

can you help me with that ?

Hi @Thomas-Clauzel

your main configuration looks ok ( https://check-your-website.server-daten.de/?q=kabelis.fr ):

But your certificate

CN=kabelis.fr
	22.01.2019
	22.04.2019
expires in 69 days	kabelis.fr - 1 entry

has only one domain name. So it looks that your www- and your non-www version are using the same vHost (that makes things simpler).

But then your certificate should have both domain names.

So create one certificate with the www- and the non-www version.

The www site has no certificate covering that name.
But it will need one to be able to forward any https://www requests elsewhere.

Thanks guys.
my www and my non-www use the same vhost.
but myvhost use different directory :

non www : SSLCertificateFile /etc/letsencrypt/certs/kabelis.fr/cert.pem
www : SSLCertificateFile /etc/letsencrypt/certs/www.kabelis.fr/cert.pem

the first time we create the cert for this website we commit a mistak. In fact we need to create one certificat for www and non-www

old domains.txt
kabelis.fr
cloud.kabelis.fr
www.kabelis.fr

what i think do :
kabelis.fr www.kabelis.fr
cloud.kabelis.fr

what i need to do ?
1 step : revok my 2 certs
2 step : edit my domains.txt
3 step : dehydrated -c ?

How to revoke my certs ?

sorry for my bad english im french

Normally, one vHost uses one certificate. So that may be the problem.

Never revoke certificates if the private key isn’t stolen. Copy these to another place, so you can reuse these.

I don’t use dehydrated. But there should be an option to create one certificate with two domain names. Then use this with your vHost.

[[[ until you can combine both names into one cert - here is a workaround ]]]

If you have two certs then you will need two vhosts.
You can copy the existing VirtualHost section again into the same file.
[so that it is in there twice]
then change the ServerNames so that one is: kabelis.fr
and the other is: www.kabelis.fr
then update the certificate files accordingly…
[leave all else unchanged - and restart apache]

thank a lot
i will try the next week
can u let this discussion open for the moment ?

Discussions automatically closed after 1 month of no activity.
[I can’t change that - so you have 30 days to continue it - without requiring admin intervention]

“Next week” is short enough.

If the thread is closed, send a PM.

Or start a new topic, it’s possible to merge two topics.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.