SSL Mismatch on brand new DO Server


#1

Hello all!

I have just finished off building a new VPS on Digital Ocean. Uploaded my website and created the virtual host file for my domain! I also added an ssl cert to that domain and all went perfectly.

However it seems not to be configured properly. According to SSLLABS I have a domain name mismatch. I have edited my domain.name-le-ssl.conf file to look like this…

<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName domain.name
    ServerAlias www.domain.name

    ServerAdmin vps@domain.name
    DocumentRoot /var/www/domain.name/public_html

    ErrorLog path to file....
    CustomLog path to file.....

    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/domain.name/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/domain.name/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/domain.name/chain.pem

    Protocols h2 http/1.1
    H2Direct on

    Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

I am sure that I have set this up correctly and I have not edited any other file could I have also added my ipaddress and domain.name to my /etc/hosts file!

Any help is greatly appreciated!

  • Phillip Dews

#2

Did you specify both domain.name and www.domain.name when you ran ./letsencrypt-auto?

Are there any other VirtualHosts that use SSL?

You can check which domains your certificate covers using the following command:

openssl x509 -text -noout -in /etc/letsencrypt/live/example.com/cert.pem | grep DNS

If you don’t mind sharing your domain, that would probably speed things up a bit for us. :wink:


#3

Ah I see yes I ran the ./letsencrypt-auto on brum.design and not the www. version which is what I prefer on my htaccess file I just ran that script and the result is just DNS:brum.design

so should I run ./letsencrypt-auto again for the www.brum.design version and change up my virtualhosts file again?

Thanks for your help pfg!


#4

The details would depend on how you first ran ./letsencrypt-auto (flags/arguments), but generally you can pass multiple domains like this:

-d example.com -d www.example.com

I would also recommend adding --expand, because Let’s Encrypt might put the certificate in a new directory in /etc/letsencrypt/live otherwise. With --expand, it will replace the existing file that’s already used in your apache configuration, so you wouldn’t have to do more than reload it.


#5

Ah cool so all I would do is this then…?

./letsencrypt-auto --apache --expand -d example.com -d www.example.com

Cheers.


#6

Looks good to me, yes!


#7

Cheers dude worked like a dream! www.brum.design is spot on now all I goto figure out is why my <?php include_once "header.php" ?> is not rendering on the home page but perfect on the other pages! thanks for your help dude!

-Phillip


#8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.