Server's certificate does not match the url for www


#1

So, as far as I’m aware, each subdomain for letsencrypt has to be registered separately. The problem I’m having is when I make www.example.com an alias for example.com, the URL doesn’t match the one in the cert and I get an ssl error. Is the only solution to make a separate apache config for www with a separate cert listed?


#2

Assuming you’ve correctly added the www-domain to the certificate (with an extra -d www.domain), you can use this single certificate for both the www as the non-www domain.

It depends on your Apache (assuming Apache here, because you didn’t specify your used server software), you’ll have to configure this certificate in the www-virtualhost too. If you’ve used the ServerAlias directive for the www-domain inside the same VirtualHost section as the ServerName for the non-www domain, it should suffice to specify the cert just once in that VirtualHost…


#3

Ok so I tried using the ssl files for www.example.com (/etc/letsencrypt/live/www.example.com/cert.pem)
and navigating to https://example.com I had the same problem in reverse.


#4

Oh, I see. You have to specify both domains in one command when generating the cert. Does this only work with www or does it work on other subdomains?


#5

It works for other subdomains, or even completely different domains. You can add up to 100 different names, I believe.


#6

Oh cool. I don’t think that was the case when I joined the beta.