Two certificates showing up?

ProgramMax · September 19, 2018, 4:47am

Hello,

When I check my site against SSL Labs’s testing, I see 2 certificates and I’m not sure why.
The site is gdb-tutorial.net. Certificate #1 matches that:
https://www.ssllabs.com/ssltest/analyze.html?d=www.gdb-tutorial.net&s=2604%3A180%3A2%3A3c6%3A0%3A0%3A0%3Ac2a7
(You’ll see I’m using that certificate for gdb-tutorial.net, static.gdb-tutorial.net, and www.gdb-tutorial.net)

However, there is also certificate #2 for www.chrisblume.net. I am not sure why this is showing up.
This is another domain on this server. But it isn’t from RDNS. That would be a different domain.

I’m not sure how I messed this up. But I completely deleted /etc/letsencrypt/live/gdb-tutorial.net/* to create a new certificate a while ago which included the subdomains. The double-certificate problem existed before and appears to still exist.

Any ideas why that second certificate is listed and how to remove it?
Thanks!

Osiris · September 19, 2018, 5:03am

That's the certificate the webserver will serve without any Server Name Indication information. The "default" certificate as it were.

It should be somewhere in your webserver configuration, the first virtualhost your software encounters to be exact.

ProgramMax · September 22, 2018, 10:52pm

Thank you. That was exactly what I needed to learn.
That same SSL Labs report also mentions "This site works only in browsers with SNI support." (which is intentional) so I guess I can safely ignore it. I've updated it to match my RDNS but it doesn't matter.

Thank you for sharing your wisdom.

system · October 22, 2018, 10:52pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.