Your connection is not private on Mobile


#1

Every thing is perfect except https://mydomain.com is giving message "Your connection is not private " in mobiles (Works fine on pc) with NET::ERR_CERT_COMMON_NAME_INVALID error code.


And the website is hosted on AWS.

Thanks in advance.


#2

It looks like you’re accessing the site via example.com, while the certificate is only valid for www.example.com. The hostname on the certificate needs to be an exact match to the one you use to access the site - www. is no special case or anything like that.

You’ll probably want to re-issue the certificate with both example.com and www.example.com. How you do this depends on your client and how exactly you used it. Assuming you used certbot, it might be as simple as adding a ServerAlias example.com directive to your HTTP vhost if you used the apache plugin, and then re-running the client with --expand. If you used something like --webroot in certonly mode, you would probably want something like:

certbot certonly --webroot -w /var/www/example/ -d www.example.com -d example.com --expand

Once that command succeeds, reloading the web server should fix this.


#3

Thanks for your quick response,
Actually I want to redirect all the traffic to https://www, that is why i took certificate for www.mydomain.com.


#4

If you browse to the URL https://example.com (rather than http://example.com), you would need a certificate that is valid for example.com in order to serve that redirect in the first place. Getting a certificate that’s valid for both hostnames would definitely be the option that’s least likely to cause any issues that depend on the exact URL a visitor uses, with no real downsides.


#5

I got the point.
I have installed certificate for www.mydomain.com on aws.Please tell me, do I need to install the certificate from the scratch.


#6

It’s hard to say based on the details you’ve provided. Is this an EC2 instance running Amazon Linux (or any other distribution)? Or some specific AWS service that you deployed the certificate on? How did you obtain the certificate, and how did you deploy it the first time?


#7

Yes, It is on EC2 instance running on Linux.And I obtained certificate using some commands provided by a website.Then I added the keys in bitnami.conf file.(Installed wordpress using Bitnami)


#8

Please provide a link to that site, or at least the commands you used. It could be a matter of simply restarting the web server if the web server is configured to point to the directory in which the client manages the certificates as they are renewed, but it could involve more steps depending on that guide.


#9

I followed up to STEP 2 given on this page https://www.mitchcanter.com/lets-encrypt-ssl-amazon-aws/


#10

It does sound like restarting the web server should suffice, assuming your bitnami config points to files in /etc/letsencrypt/live/example.com.

You said that you obtained a certificate for the www subdomain. Was this a separate certificate, or did you obtain one for both example.com and www.example.com (i.e. a multi-SAN certificate)? Assuming your bitnami config only has one place to configure certificates and keys and that you don’t have separate vhosts for each domain, you would probably want the combined certificate - that’s what the --expand flag in my command-line was about. This would replace the existing certificate and key files rather than create a new subdirectory under /etc/letsencrypt/live.


#11

unfortunately We took two different certificates for www and non www.


#12

I did it.Thank you pfg


#13

Finally Mobipricekart


#14

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.