Domain: hcx.global
Web server: Apache/2.4.18 (Ubuntu)
Operating system my web server runs on: Ubuntu 16.04
Can login to a root shell on my machine: Yes
Using a control panel: No
Obtained wildcard certificate with certbot-auto with the following command:
sudo ./certbot-auto certonly \
--server https://acme-v02.api.letsencrypt.org/directory \
--manual --preferred-challenges dns \
--renew-by-default \
-d *.hcx.global
Got the following 4 files
cert.pem chain.pem fullchain.pem privkey.pem
in location /etc/letsencrypt/live/hcx.global/
Setup Apache Vhost file with following:
<VirtualHost *:80>
ServerName hcx.global
Redirect permanent / https://hcx.global/
</VirtualHost>
<VirtualHost *:443>
ServerName hcx.global
ServerAlias www.hcx.global
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/hcx.global/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/hcx.global/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/hcx.global/chain.pem
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Then restarted apache server but browsers are complaining:
NET::ERR_CERT_COMMON_NAME_INVALID
The virtual host is working as it redirects http to https.
curl -v https://hcx.global
* Rebuilt URL to: https://hcx.global/
* Trying 101.53.145.96...
* Connected to hcx.global (101.53.145.96) port 443 (#0)
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 604 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
* server certificate verification OK
* server certificate status verification SKIPPED
* SSL: certificate subject name (*.hcx.global) does not match target host name 'hcx.global'
* Closing connection 0
curl: (51) SSL: certificate subject name (*.hcx.global) does not match target host name 'hcx.global'
What could be the cause of error ?