Ssl_error_bad_cert_domain on FFox (Chrome works fine)

Hello!
I have problem after I change Debian 7 to Debian 8. After changing all my sites gets “Ssl_error_bad_cert_domain” and server error with www. Without www work fine. Please, help me, what should I do?

My domain is: vernu-nalog.ru www.vernu-nalog.ru

My web server is (include version): apache 2.4.29

The operating system my web server runs on is (include version): Debian GNU/Linux 8.9 (jessie)

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

And that’s my conf

<IfModule mod_ssl.c>
<VirtualHost *:443>
  ServerName vernu-nalog.ru
  ServerAlias  www.vernu-nalog.ru vernu-nalog.ru
  DocumentRoot /home/fans/domains/vernu-nalog.ru/html

  ErrorLog "/home/fans/domains/vernu-nalog.ru/logs/error_log"
  <Directory />
        AllowOverride All
        Options All -Indexes
        Require all granted
  </Directory>

SSLCertificateFile /etc/letsencrypt/live/vernu-nalog.ru/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/vernu-nalog.ru/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.vernu-nalog.ru
RewriteRule ^ https://vernu-nalog.ru%{REQUEST_URI} [END,QSA,R=301]
</VirtualHost>
</IfModule>

You should reissue the certificates including the domain name without and with leading www.

How can I do this? When I start “certbot --apache2” I can choose www or without www, but not both.

You can typ multiple numbers when presented with the list of domains. I don’t know if it’s comma or space separated, but the instructions should be on the same screen. Please add a screenshot if you’re unsure or unable to enter multiple hostnames.

Thanks a lot!!! It work now! In previous Debian version there was a certbot menu, but now not. After your advice I’m just used space and certbot generates one sertificate for both aliases.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.