"SSL certificate name mismatch"

Hi,

I somehow managed to get a certificate for the saniteka.ru domain so that the www.saniteka.ru subdomain turned out to be from other my domain:

For saniteka.ru:
Common Name saniteka.ru
DNS Name saniteka.ru
DNS Name www.saniteka.ru

but

For www.saniteka.ru
Common Name maxnutrition.ru
DNS Name maxnutrition.ru
DNS Name www.maxnutrition.ru

I tried to fix it several times using wacs …

–target manual --host saniteka.ru,www.saniteka.ru --validation filesystem --webroot “\path\saniteka.ru” --store pemfiles --pemfilespath \path\certificates

… but nothing worked. Please help!

1 Like

Hi @Carapax

that’s

not the problem. Checking your domain the certificate creation has worked - https://check-your-website.server-daten.de/?q=saniteka.ru#ct-logs

Issuer not before not after Domain names LE-Duplicate next LE
Let’s Encrypt Authority X3 2019-12-28 2020-03-27 saniteka.ru, www.saniteka.ru - 2 entries duplicate nr. 3
Let’s Encrypt Authority X3 2019-12-27 2020-03-26 saniteka.ru, www.saniteka.ru - 2 entries duplicate nr. 2
Let’s Encrypt Authority X3 2019-12-27 2020-03-26 saniteka.ru - 1 entries duplicate nr. 2
Let’s Encrypt Authority X3 2019-12-27 2020-03-26 saniteka.ru, www.saniteka.ru - 2 entries duplicate nr. 1
Let’s Encrypt Authority X3 2019-12-25 2020-03-24 saniteka.ru - 1 entries duplicate nr. 1

So this part is done. Don’t create more certificates, there is a rate limit.

Your non-www uses the correct certificate:

CN=saniteka.ru
	28.12.2019
	27.03.2020
expires in 90 days	
saniteka.ru, www.saniteka.ru - 2 entries

But your www uses the wrong certificate, so it’s only a certificate installation problem.

There is an Apache. What says

apachectl -S
1 Like

Virtual hosts configs:

httpd
<VirtualHost *:80>
ServerName saniteka.ru
ServerAlias www.saniteka.ru
DocumentRoot “{path}/saniteka.ru”

#Permanently redirect all HTTP requests to HTTPS
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R=301,L]
Alias /.well-known "{path}/saniteka.ru/.well-known"

< / VirtualHost>

httpd-ssl
<VirtualHost *:443>
ServerName saniteka.ru:443
ServerAlias www.saniteka.ru:443
DocumentRoot “{path}/saniteka.ru”
SSLEngine on
Protocols h2 http/1.1

SSLCertificateFile “path/saniteka.ru-crt.pem”
SSLCertificateKeyFile “path/saniteka.ru-key.pem”
SSLCertificateChainFile “path/saniteka.ru-chain.pem”
< / VirtualHost>

similarly for maxnutrition.ru

Please share

apachectl -S

Your configuration may not work, that’s the reason that command is required.

And that

is wrong, the port isn’t part of a server name. So that vHost isn’t used -->> apachectl -S to see your real vHosts.

1 Like

My Apache is on Windows…

I removed the ports and it seems to work :slight_smile: Could you please check?

P.S. I somewhere googled this design. Surprised, but thought that smart people know better …

And thank you very much!

2 Likes

Use the online tool to check your configuration. Works if I’m out.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.