Wrong domain when testing with SSL Labs


#1

Hello everybody,

I own several domains: domain1.de, nocheine.de and last.net. When I run a test with SSLLabs for domain last.net I will always see the domain1.de. Why is that? Can one change that really only the domain is displayed with which I carry out this test? Or did I configure something wrong?

Thank you for your help

Sorry for my bad english - I use gogle translate

My web server is Apache 2.4.25

The operating system my web server runs on is (include version): Debian 9.3


#2

Hi,

Can you show us your true domain address?

P.S. this seems to be a server problem instead of LE’s porblem.

Thank you


#3

Are you referring the Common Name listed on SSLLabs.com?

There can only be one Common Name per certificate. You have to get individual certificates for each domain if you want them to have different Common Names.

The Common Name isn’t really used for anything, and it is the list of Subject Alternative Names that browsers usually check. If the domain you are checking is listed among the Subject Alternative Names, it is valid. ssllabs gives you a T grade when your certificate isn’t valid for the domain you typed in. As long as you got grades A-F, your configuration is valid in this respect.


#4

yes, Domain1.de is displayed to me as a Common Name. I started the configuration with certbot --apache. He, he has provided all domains on the server with a certificate. If I want to do this for each domain individually which command will be used for that?

Thank you and best regards


#5

You can specify an individual name with -d. For example

certbot --apache -d example.com
certbot --apache -d example.net
certbot --apache -d example.org

Each time that you run certbot, you’ll request one separate certificate.

If you don’t need the old certificate anymore, you can also delete Certbot’s copy of your old certificate that contains multiple names using certbot delete. (This shouldn’t be done if you still have Apache configured to use the certificate, because your Apache configuration will become invalid if it points to a certificate that’s no longer installed.) Use certbot certificates to view which certificates are currently managed by Certbot.

Please remember the rate limits (if some of the names are subdomains of the same domain)

and what @Patches said, that the Common Name field is more cosmetic or aesthetic. (It doesn’t have a technical impact on the correctness or validity of your certificates.)


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.