Not www.* but www.outrightsoftware.com.
As long as there is no other VirtualHost which occupies that name, yes 
As a general rule of thumb: all names which the certificate is valid for should be listed as ServerAlias, one of them as ServerName.
Thanks for taking out time to reply.
Its still working on with www. Please advise.
<VirtualHost *:443>
DocumentRoot /opt/bitnami/apps/wordpress/htdocs
ServerName outrightsoftware.com
ServerAlias wwww.outrightsoftware.com
SSLEngine on
SSLCertificateFile /opt/bitnami/apps/wordpress/letsencrypt/live/outrightsoftware.com/fullchain.pem
SSLCertificateKeyFile /opt/bitnami/apps/wordpress/letsencrypt/live/outrightsoftware.com/private.pem
Include “/opt/bitnami/apps/wordpress/conf/httpd-app.conf”
<FilesMatch “.(cgi|shtml|phtml|php)$”>
SSLOptions +StdEnvVars
BrowserMatch “MSIE [2-6]”
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
BrowserMatch “MSIE [17-9]” ssl-unclean-shutdown
Try commenting out ServerAlias and restarting / reloading Apache
I am trying to fix www issue by adding ServerAlias, will that solve the purpose if I remove that?
So you want your site to only respond on https://outrightsoftware.com/ and not https://www.outrightsoftware.com/ ??
Then take out ServerAlias in the Port 443 config and do a redirect on the port 80 for both to redirect to https://outrightsoftware.com/
<VirtualHost *:80>
ServerName outrightsoftware.com
ServerAlias www.outrightsoftware.com
Redirect permanent / https://outrightsoftware.com/
</VirtualHost>
You can also redirect the SSL www site to the non www by adding another vhost configuration
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName www.outrightsoftware.com
SSLEngine on
SSLCertificateFile /opt/bitnami/apps/wordpress/letsencrypt/live/outrightsoftware.com/fullchain.pem
SSLCertificateKeyFile /opt/bitnami/apps/wordpress/letsencrypt/live/outrightsoftware.com/private.pem
Include “/opt/bitnami/apps/wordpress/conf/httpd-app.conf”
Redirect permanent / https://outrightsoftware.com/
</VirtualHost>
Great, the last section with SSL redirect worked. Thanks a ton for your time and support.
Excellent and no problem at all, through our combined efforts @bytecamp glad you are up and running now 
You still offer the wrong certificate when retrieving https://www.outrightsoftware.com/
Expanding ssl certs to domain with www will help you in this situation.
certbot --expand -d outrightsoftware.com -d www.outrightsoftware.com
The certificate is already valid for both domain names. The OP just doesn't have configured Apache to offer it on www.outrightsoftware.com, too.
This cannot work as there are no SSL* statements.
LOL … you got me … my brain is really not with it at the moment … (updated it)
I tried by adding ServerAlias, is there any other method?
That was right, but you put a typo in the name:
ServerAlias wwww.outrightsoftware.com
Ooops, Great, this works. Thanks a ton. Is there any way to remove the 2nd certificate as SSLLabs showing 2nd certificate as bad.
Have a look into your configuration. There must be another VirtualHost which references this certificate. I would recommend deleting the whole VirtualHost which uses it - just to clean up your configuration.
Try to find with grep:
$ grep -r SSLCertificateFile /etc/apache2
Great, Thanks a ton for the support. I found that in one of the bitnami files. Really helpful.
BTW. I had the same problem.
The fix was to change SSLCertificateFile from fullcert.pem to cert.pem and add a SSLCertificateChainFile with chain.pem.
My question is why didn’t certbot do the right thing by default?
version 0.19.0
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.