My domain is thinkplanner.se
It has https but sometimes when users try to visit the site they get this message.
This site is not secure
This might mean that someones trying to fool you or steal any info you send to the server. You should close this site immediately.
The certificate expires end of January.
Please help 
Best wishes.
Charlotte
Hi @charlotte
checked your site via thinkplanner.se - Make your website better - DNS, redirects, mixed content, certificates , you see the problem:
| Domainname | Http-Status | redirect | Sec. | G |
|---|---|---|---|---|
| β’ http://thinkplanner.se/ | ||||
| 18.188.17.87 | 301 | https://thinkplanner.se/ | 0.223 | A |
| β’ http://www.thinkplanner.se/ | ||||
| 18.188.17.87 | 301 | https://www.thinkplanner.se/ | 0.223 | A |
| β’ https://thinkplanner.se/ | ||||
| 18.188.17.87 | 200 | 2.440 | B | |
| β’ https://www.thinkplanner.se/ | ||||
| 18.188.17.87 | 200 | 2.227 | N | |
| Certificate error: RemoteCertificateNameMismatch |
Both http versions redirect to https, this is good.
Your non-www version works. But your www version has an invalide certificate. Because:
CN=thinkplanner.se
27.10.2018
24.01.2019
thinkplanner.se - 1 entry
your certificate has only one domain name, but you need a certificate with two domain names.
So how did you create this certificate?
Create one certificate with both domain names thinkplanner.se + www.thinkplanner.se and use this certificate.
In case you have not yet noticed:
thinkplanner.se & www.thinkplanner.se both resolve to:18.188.17.87
However, the cert at 18.188.17.87 only has one of those names on it.
The other name will fail with that error; as the CN, nor the SAN, donβt cover that other name.
If you ran certbot, with:
-d thinkplanner.se
then make that:
-d thinkplanner.se -d www.thinkplanner.se
[adjust for your particular ACME client syntax/requirement]
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
