Your connection is not private in chrome - NET::ERR_CERT_COMMON_NAME_INVALID

I add a subdomain to my site https://marketpro.cashflow.rentals. It seemed to be working fine and then my main web site, https://cashflow.rentals, and the one first mentioned both got the your connection is not private message in chrome shortly after. I noticed the problem days later.

I downloaded and reran LetsEncrypt. Both sites started working. I tested it a day or two later and the same issue occurs. If I go into IIS and stop the marketpro.cashflow.rentals domain, the main one starts working again.

My domain is: https://cashflow.rentals

My web server is (include version): IIS Version 1809

The operating system my web server runs on is (include version): Windows Server 2019

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): No

1 Like

the cert is for dev.cashflow.rentals.
not for cashflow.rentals or the subdomain.
you need 2 certs for that, or multicert all domainsnames, or wildcard cert for the domain.

2 Likes

Thanks for the reply. Are there instructions in the acme application on how to set up what you're saying?

1 Like

There is no such thing as THE ACME application: there are multiple. It would help us greatly if you told us which tool you've used to get the certificates in the first place.

2 Likes

with certbot, for example, you create a new cert and name the domin with the switch
-d cashflow.rentals -d marketpro.cashflow.rentals

2 Likes

Your certificate for your apex domain cashflow.rentals and your marketpro subdomain both come back to your dev.cashflow.rentals subdomain. You should create a certificate for your apex domain cashflow.rentals and add the other subdomains using the -d (subdomain) switch as mentioned by .

If cashflow.rentals is your "main domain" as you said, you sort of forgot to create a certificate for it. :wink:

Another point to consider: Some people may type www. before your domain name. If they do, you'll want a redirect from www subdomain to the apex domain or the other subdomains without the www.

As @Osiris mentioned above it would help if you tell us what client and version you are using to obtain your cert, instead of saying "No".

3 Likes

This is what I used to get the certificate created. I ran their executable and answered there questions in the command prompt. Maybe I chose something wrong. - https://www.win-acme.com/

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.