Problem with two certificates for sub domains


I’m using Ubuntu 16.40 with apache2 as webserver.

I had one subdomain and I created a Let’s Encrypt certificate for this subdomain. That certificate works fine.

I created the certificate with this command:
sudo certbot --apache -d

Now I created a second subdomain on the server and created a second certificate with
sudo certbot --apache -d

Now the certificate of is not trusted anymore because it has the has common name and SAN. What did I do wrong? Is it not possible to create two Let’s Encrypt certificates for two subdomains on the same server?

Thanks for your help.

EDIT: I restored my snapshot and the certificate is working again. has no certificate at the moment. What should I consider if I create a certificate for this subdomain?

Each vhost can have its own unique certificate - but is limited to only one certificate (per type - unrelated to this problem).
If you only have one vhost, then you must choose one certificate (if so, I would get one with both names on it).
If you have multiple vhost files, then ensure they listen on 443 where required and contain the proper cert for the matching servername.

In review of both sites, they now seem to be functioning as expected:

openssl s_client -connect -servername
returns a cert for “

openssl s_client -connect -servername
returns a cert for “

Thanks for your reply. I found the problem and the websites are working fine now.
The problem was that one vhost was looking like this:

I changed it to this:

<VirtualHost *:443>

Now the problem is gone.
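
The check suggested in the reply above (every vhost listening on 443 with the proper cert for its ServerName) can be run over the Apache configuration itself. This is an added example, not code from the thread; the hostnames, IP address and certificate paths in the sample are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample config (hypothetical names, address and paths).
SAMPLE_CONF = """\
<VirtualHost 203.0.113.10:443>
    ServerName a.example.org
    SSLCertificateFile /etc/letsencrypt/live/a.example.org/fullchain.pem
</VirtualHost>
<VirtualHost *:443>
    ServerName b.example.org
    SSLCertificateFile /etc/letsencrypt/live/b.example.org/fullchain.pem
</VirtualHost>
<VirtualHost *:443>
    ServerName c.example.org
    # SSLCertificateFile /etc/letsencrypt/live/c.example.org/fullchain.pem
</VirtualHost>
"""

VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.S | re.I)

def directive(body, name):
    """Return the first argument of an uncommented directive, or None."""
    m = re.search(rf"^\s*{name}\s+(\S+)", body, re.M | re.I)
    return m.group(1).strip('"') if m else None

def parse_vhosts(conf):
    """Collect every <VirtualHost> block that is bound to port 443."""
    vhosts = []
    for addrs, body in VHOST_RE.findall(conf):
        for addr in addrs.split():
            if addr.endswith(":443"):
                vhosts.append({"addr": addr,
                               "name": directive(body, "ServerName"),
                               "cert": directive(body, "SSLCertificateFile")})
    return vhosts

def audit(conf):
    """Flag 443 vhosts that can end up presenting the wrong certificate."""
    vhosts, findings = parse_vhosts(conf), []
    addrs = sorted({v["addr"] for v in vhosts})
    if len(addrs) > 1:
        # Apache picks the most specific address match first, so a vhost with
        # an explicit IP shadows the *:443 vhosts for requests to that IP.
        findings.append(f"mixed :443 address specs: {addrs}")
    for v in vhosts:
        if v["cert"] is None:
            findings.append(f"{v['name']}: no SSLCertificateFile on 443")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONF)) or "no findings")
```
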
