Please contact us for a certificate error

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: new : epc.smotor.com / old : cepc2.smotor.com

I ran this command:

It produced this output:

My web server is (include version): apache 2.4.6

The operating system my web server runs on is (include version): CentOS 7.6

My hosting provider, if applicable, is: Legacy

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Certbot 1.11.0-2.el7

The cepc2.smotor.com certificate was deleted and the domain was released from the same server, and the epc.smotor.com certificate was newly added, but an error occurred.

Please inquire how to solve it

Your connection is not private
Attackers might be trying to steal your information from epc.smotor.com (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_COMMON_NAME_INVALID
Subject: cepc2.smotor.com

Issuer: R3

Expires on: Sep 28, 2022

Current date: Aug 24, 2022

PEM encoded chain:

-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISBIzKygVMtDsMOdi95/Sb6T9pMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMjA2MzAxNDA1MzhaFw0yMjA5MjgxNDA1MzdaMBsxGTAXBgNVBAMT
EGNlcGMyLnNtb3Rvci5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCgM0jfik80m0kt3vyPrgqJqRr2bFTk06liXd9CTAvY+5Aryx98XguR0M3gB/Z
MGcKVkEfVfNVp5/Zz3GZTb1ZsldOdp2C0KnqvH5+voUm/mk4wvkmyU8hlwKoAUOE
Uqyu+CEgiYiwbBz/7Y0IRCqktHXJLWiTFvMusQ0qBgV5L0KfqQ1TeoilL+mk7KQ9
ObhKqCval+10E6A7YOcArRdxyLOHNEaW4DiuA+jMTyU9bmipx9jGHpimdor2ZVs+
K1siDROKeNHhYq8rZfdgnnXjpdxTqYeL4CKvqFOpKBJtnF7MWpRwMpryOArj6chl
m0hvkUCT+Igr5SSruJstTIKvAgMBAAGjggJLMIICRzAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFNcWrh8bhORowJLb2e/bFyVEvf7nMB8GA1UdIwQYMBaAFBQusxe3WFbL
rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov
L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v
cmcvMBsGA1UdEQQUMBKCEGNlcGMyLnNtb3Rvci5jb20wTAYDVR0gBEUwQzAIBgZn
gQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5s
ZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgDfpV6raIJP
H2yt7rhfTj5a6s2iEqRqXo47EsAgRFwqcwAAAYG1JXCpAAAEAwBHMEUCIBBn7aQg
JjboGQPZ8Yza0f/W/hQUA5RzlGbqno9UiIekAiEAznq0EtP1+bciqHCkU936AVri
CotKxS6EGcHiMsjS37UAdgApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZcJV3H
hAAAAYG1JXCXAAAEAwBHMEUCIQDyvJIjI9TIPkBwjtf8Nim1/0/GC7rUFQNdNlQa
jkcXFgIgGxe3sPRh15BnffRd9W62P9Scn2Y+8UduqYtJJgnQng4wDQYJKoZIhvcN
AQELBQADggEBAIWi8ZNLYE3q5WsivtvTJhC9F0QWRoS1ZVT5MmbZ8Us9HxcwCUf8
cUZ5wz8BqyQ6/mhwCy5iPeiH8iyCEg87X5XLcWRwsm0BDZWjRdepeglQPITG0L0q
a27sa06plwSai0PdbvS+bSa/dG3IcmWlrDAVciJI0f8RapqFSx69iCN3HEAiEI5V
yak6LWNS7ZDi7hpEsQjjjCYFrhejVbZPWrITb/t0RASa+ov4vs0K0jic343TKNvE
jjTKqT/7ruptgGv5KyL+zxQrCBCtHI9pQkKsEDzymp6vsCPaDpoWAdrOi1nxXueL
qcoydlWfkpt+ALU8pWQ7Dt8g/KPW6kYfdaU=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
nLRbwHOoq7hHwg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4
WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu
ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY
MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc
h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+
0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U
A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW
T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH
B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC
B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv
KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn
OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn
jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw
qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI
rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV
HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq
hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL
ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ
3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK
NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5
ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur
TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC
jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc
oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq
4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA
mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d
emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=
-----END CERTIFICATE-----

Certificate Transparency:

SCT Let's Encrypt 'Oak2022' log (Embedded in certificate, Verified)

SCT Google 'Argon2022' log (Embedded in certificate, Verified)

Welcome to the community @sanghoon.pyo

I don't see the same error you do. I see a Let's Encrypt cert created on Jul17 with just the epc.smotor.com name. You can see it using this SSL Decoder test site too.

Can you show the exact URL you are trying that shows a wrong cert? Is it some other port than just https(443)?

3 Likes

When accessing https://epc.smotor.com, an error message related to cepc2.smotor.com issued by certbot occurs.

Your connection is not private
Attackers might be trying to steal your information from epc.smotor.com (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_COMMON_NAME_INVALID
Subject: cepc2.smotor.com

A certificate can cover more than one domain, the certificate your webserver (or whatever is terminating TLS) is currently serving is only for cepc2.smotor.com, if you need to to cover both cepc2.smotor.com and epc.smotor.com then you need to add epc.smotor.com to the certificate when you request it from Let's Encrypt. If you are using certbot I believe you do this using the expand option.

3 Likes

Where do you see that from? Just your browser?

Because SSL Decoder I linked earlier see the epc domain cert from Jul17. As do I from AWS US region.

And, SSL Labs sees the Jul17 cert for epc domain.

I believe both of you see a different cert. I just don't understand how. Is there some sort of world region CDN in use that is serving different certs?

Here is the cert history for the epc domain

3 Likes

Yep, this is just in Google Chrome, where it's appearing for me as a standard invalid name error. Interestingly if I check it with https://chainchecker.certifytheweb.com/ it's showing as valid.

Looks like the problem is just that DNS hasn't updated properly yet:

4 Likes

webprofusion explained why some regions get your newer server and some the old. You just have to wait for DNS propagation.

But, you may have configuration problem in your server. The new epc server is sending out a cert from Jul17 even though you created other certs after that. Including the one from DigiCert.

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.