[Solved] Certificate name mismatch problem with acme.sh

Hi, my site has two domain names: www.moonshinefly.com and moonshinefly.com, and I’m using acme.sh to issue cert for my site.

Now the problem is, www.moonshinefly.com can be reached by SSL, while moonshinefly.com can’t, and when I doing SSL test on qualis it said “Certificate name mismatch”, and I noticed that it let me “Try these other domain names (extracted from the certificates):www.moonshinefly.com”, which means the moonshinefly.com domain name didn’t include in the cert, I think.

But when I use acme.sh --list, I can see “moonshinefly.com” has a SAN_Domains “www.moonshinefly.com”, and I’m sure both domains have been redirected to the same web site root directory.

so I don’t know what’s the problem.

Hi @tukana,

You have issued 3 certs in last 2 days:

CRT ID     DOMAIN (CN)           VALID FROM             VALID TO               EXPIRES IN  SANs
235748655  moonshinefly.com      2017-Oct-20 04:53 UTC  2018-Jan-18 04:53 UTC  89 days     moonshinefly.com

235318854  moonshinefly.com      2017-Oct-19 17:08 UTC  2018-Jan-17 17:08 UTC  89 days     moonshinefly.com

235241270  www.moonshinefly.com  2017-Oct-19 15:48 UTC  2018-Jan-17 15:48 UTC  89 days     www.moonshinefly.com

The first issued one only covers www.moonshinefly.com domain but the last 2 ones cover both domains moonshinefly.com and www.moonshinefly.com. So seems you configured your nginx to use the first one and that is the reason you are receiving the error. Double check the right path configured in nginx to point to the right path where you have the cert covering both domains.

I suppose you are using this path /root/.acme.sh/www.moonshinefly.com but your new certs should be on /root/.acme.sh/moonshinefly.com or similar.

Also, if you change the nginx conf, remind to restart/reload nginx.


1 Like

Thanks! This problem has been solved.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.