Your are probably hitting the wrong cert file, check with:
openssl s_client -connect example.info:443
You can also try to disable the first SSL and check if you hit the right
one after.
On Tue, Jun 14, 2016 at 4:08 PM, <rich.gre...@hushmail.com> wrote:
> For some time, I have been hosting about 10 sites unencrypted. But since
> people other than just myself will be using my squirrelmail, I decided to
> encrypt my server. I had delayed it simply because keys are too expensive
> to buy, but now I learned about LetsEncrypt.org and have been working in
> that direction.
>
> So far, I moved two websites over to this server, example.com and
> example.info. My first test of the LetsEncrypt software was of the form
> of:
>
> # letsencrypt-auto -apache -d example.com
>
> but I ran into a caveat with www.example.com not being accepted. I
> decided to re-run with the other domain included as well, so I did the
> remaining three combinations:
>
> #letsencrypt-auto -apache -d www.example.com -d example.info -d
> www.example.info
>
> The conf files for the sites are fairly straight-forward in my mind.
> There are four of them:
>
> #/etc/apache2/sites-available/80-example.com
> <IfModule mod_ssl.c>
> <VirtualHost *:80>
> ServerAdmin webmaster@localhost
> DocumentRoot /var/www/example.com/public_html/
> ErrorLog ${APACHE_LOG_DIR}/error.log
> CustomLog ${APACHE_LOG_DIR}/access.log combined
> ServerName example.com
> ServerAlias www.example.com
> </VirtualHost>
> </IfModule>
>
> #/etc/apache2/sites-available/443-example.com
> <IfModule mod_ssl.c>
> <VirtualHost *:443>
> ServerAdmin webmas...@example.com
> DocumentRoot /var/www/example.com/public_html/
> ErrorLog ${APACHE_LOG_DIR}/error.log
> CustomLog ${APACHE_LOG_DIR}/access.log combined
> SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
> SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
> Include /etc/letsencrypt/options-ssl-apache.conf
> ServerName example.com
> ServerAlias www.example.com
> </VirtualHost>
> </IfModule>
>
> #/etc/apache2/sites-available/80-example.info
> <IfModule mod_ssl.c>
> <VirtualHost *:80>
> ServerAdmin webmaster@localhost
> DocumentRoot /var/www/example.info/public_html/
> ErrorLog ${APACHE_LOG_DIR}/error.log
> CustomLog ${APACHE_LOG_DIR}/access.log combined
> ServerName example.info
> ServerAlias www.example.info
> </VirtualHost>
> </IfModule>
>
> #/etc/apache2/sites-available/443-example.info
> <IfModule mod_ssl.c>
> <VirtualHost *:443>
> ServerAdmin webmas...@example.info
> DocumentRoot /var/www/example.info/public_html/
> ErrorLog ${APACHE_LOG_DIR}/error.log
> CustomLog ${APACHE_LOG_DIR}/access.log combined
> SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
> SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
> Include /etc/letsencrypt/options-ssl-apache.conf
> ServerName example.info
> ServerAlias www.example.info
> </VirtualHost>
>
> Notice that SSLCertificateFile and SSLCertificateKeyFile are the same for
> both of the domains, because they use the same key of example.com. The
> website, example.com works perfectly fine. But example.info has serious
> problems (On the order of NET::ERR_CERT_COMMON_NAME_INVALID). Who has an
> idea on how to fix this? I can't experiment too much because I'm limited
> to 5 keys per week so learning this myself is a very slow-track process.
>
> There are a number of HOWTO documents out there, but there is very wide
> variance in their steps that I have little confidence in them, but have
> chosen one and decided to try at it. Once I get this established, I
> promise to write a blog article explaining the procedure a little bit better
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>
--
[ ]'s
Filipe Cifali Stangler
