I am using centos6 and I already had certificate for some domains on my server and it is working well. Now I am trying use new domain on the same server. I also got new certificate for new domain and then I configure d that new certificate in Apache2 as my old configuration pattern, but the browser response as below error:
=============== Chrome Error ==========================
Your connection is not private
Attackers might be trying to steal your information from myNewdomain.com (for example, passwords, messages, or credit cards). NET::ERR_CERT_COMMON_NAME_INVALID
This server could not prove that it is myNewdomain.com; its security certificate is from myOlddomain.com. This may be caused by a misconfiguration or an attacker intercepting your connection.
Did you reload apache after changing the configuration to point to the new certificate ?
From the error, it looks as if it’s still using the old cert - hence the problem is either the configuration is still pointing to the old cert, or you haven’t reloaded the config.
Yes I did, After changing the configuration I already restart apache, but it still using old cert.
Noted: I have use two cert in apache configuration file(httpd-ssl.conf). The old one is working well, but the second one doesn’t working.
==============httpd-ssl.conf================
Listen 443
NameVirtualHost *:443
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
SSLHonorCipherOrder on
Please put the config within the “code markup” (select the text and click on the “</>” logo). I am missing a lot of directives like <VirtualHost> et cetera.