Sites are insecure, should be secure

Das Goravani goravanis at gmail.com
Sat Mar 5 02:14:30 UTC 2022 

Well now I got something to chew on, I tried to enter one of the sites in Chrome which is stricter than most, and it gave me the warning that the site is insecure, and it listed a reason, it said ERROR Common name invalid

So at least I have a clue that something is wrong with the cert. I will remake it. 

Multiple domains works, I will do it again, and try again, to see if all is well, if that doesn’t work, I will go to singular certs. 



> On Mar 4, 2022, at 6:41 PM, Andrew Stolarz <stolarz at gmail.com> wrote:
> 
> Das,
> 
> I dont think your SSL cert covers all your domains like you think they do.
> 
> To answer your question "If there was a command that would let you see what
> domains are covered by a cert, I’m sure you would see mine has all 4
> domains in it with their www counterparts. 8 domains total."
> 
> You can see what domains are covered in the SSL within your browser.
> 
> Using google Chrome browser....
> 
> Go to a secure site and when you click the lock in the browser bar and
> select connection is secure > certificate is valid.
> 
> 
> Expand the certificate details and find an area that states "subject
> alternative names" ....it will list all the DNS names that the cert covers.
> 
> 
> 
> Andrew
> 
> 
> 
> 
> On Fri, Mar 4, 2022 at 5:43 PM Das Goravani <goravanis at gmail.com <mailto:goravanis at gmail.com>> wrote:
> 
>> 
>> Andrew, I hear ya.
>> 
>> However, I have used a multi domain cert from Certbot for nearly 2 years
>> through many renewals.
>> 
>> Certbot issues individual or multi domain certs. Multi domain is totally
>> normal.
>> 
>> It’s working for Goravani.com and readmyastrology.com <
>> http://readmyastrology.com/ <http://readmyastrology.com/>>, off the same cert, right now.
>> 
>> The other two should be secure. It’s their cert too.
>> 
>> Only the name is Goravani.com <http://goravani.com/> because certbot uses the first domain in the
>> cert as the name of the cert, that is all.
>> 
>> It’s really a cert for 4 sites. No problem, normally.
>> 
>> It’s supposed to work, but something is wrong somewhere.
>> 
>> If there was a command that would let you see what domains are covered by
>> a cert, I’m sure you would see mine has all 4 domains in it with their www
>> counterparts. 8 domains total.
>> 
>> I don’t think that’s the reason 2 of my sites say insecure. I don’t know
>> the reason but that is not supposed to be the reason.
>> 
>> 
>>> On Mar 4, 2022, at 2:09 PM, Andrew Stolarz <stolarz at gmail.com <mailto:stolarz at gmail.com>> wrote:
>>> 
>>> Das,
>>> 
>>> I use lets encrypt for my sites as well (except on windows servers). I
>> set
>>> up different SSL certs for each site and in the domain setup area, I
>> select
>>> which SSL cert it will use. Im assuming its similar on the mac side.
>>> 
>>> When I look at  GoravaniJyotish.com <http://goravanijyotish.com/> <http://goravanijyotish.com/ <http://goravanijyotish.com/>>, it
>> staying its insecure because its
>>> trying to use the SSL cert for Goravani.com <http://goravani.com/> <http://goravani.com/ <http://goravani.com/>>....instead
>> of itss own domains
>>> GoravaniJyotish.com <http://goravanijyotish.com/> <http://goravanijyotish.com/ <http://goravanijyotish.com/>>,
>>> 
>>> 
>>> I have always created individual ssl certs for each domain and never ran
>>> into this issue.
>>> 
>>> 
>>> Andrew
>>> 
>>> 
>>> 
>>> On Fri, Mar 4, 2022 at 1:35 PM Das Goravani <goravanis at gmail.com <mailto:goravanis at gmail.com>
>> <mailto:goravanis at gmail.com <mailto:goravanis at gmail.com>>> wrote:
>>> 
>>>> 
>>>> Hello $all,
>>>> 
>>>> I have 4 websites served through my Mac server.
>>>> They are all set up identically in all places.
>>>> They are all 4 covered in my SSL Certificate
>>>> 
>>>> Yet 2 of them are insecure when you access them.
>>>> Like the other 2, they should be secure.
>>>> 
>>>> How is it possible? They are all set up identically. That means that in
>> my
>>>> Web Server Software they have the exact same settings, which means in
>>>> Apache they have the same settings, they are all on the same
>> certificate,
>>>> their document root folders are together in the same place, everything
>>>> about the 4 is the same except their content of course.
>>>> 
>>>> 2 of them come up secure as they should.
>>>> 
>>>> Goravani.com
>>>> ReadMyAstrology.com
>>>> 
>>>> 2 of them come up insecure.
>>>> 
>>>> GoravaniJyotish.com <http://goravanijyotish.com/> <
>> http://goravanijyotish.com/ <http://goravanijyotish.com/> <http://goravanijyotish.com/ <http://goravanijyotish.com/>>>
>>>> JyotishStudio.com <http://jyotishstudio.com/> <http://jyotishstudio.com/ <http://jyotishstudio.com/>> <
>> http://jyotishstudio.com/ <http://jyotishstudio.com/> <http://jyotishstudio.com/ <http://jyotishstudio.com/>>>
>>>> 
>>>> They should all four be secure.
>>>> 
>>>> Can you think of anything that would do this odd behavior?
>>>> 
>>>> Thanks in advance,
>>>> 
>>>> Das Goravani
>>>> 
>>>> Ps: I worked out my web server and mail server problems.
>>>> _____________________________________________________________
>>>> Manage your list subscriptions at https://lists.omnis-dev.com <https://lists.omnis-dev.com/> <
>> https://lists.omnis-dev.com/ <https://lists.omnis-dev.com/>>
>>>> Start a new message -> mailto:omnisdev-en at lists.omnis-dev.com <mailto:omnisdev-en at lists.omnis-dev.com> <mailto:
>> omnisdev-en at lists.omnis-dev.com <mailto:omnisdev-en at lists.omnis-dev.com>>
>>>> 
>>> _____________________________________________________________
>>> Manage your list subscriptions at https://lists.omnis-dev.com <https://lists.omnis-dev.com/> <
>> https://lists.omnis-dev.com/ <https://lists.omnis-dev.com/>>
>>> Start a new message -> mailto:omnisdev-en at lists.omnis-dev.com <mailto:omnisdev-en at lists.omnis-dev.com> <mailto:
>> omnisdev-en at lists.omnis-dev.com <mailto:omnisdev-en at lists.omnis-dev.com>>
>> _____________________________________________________________
>> Manage your list subscriptions at https://lists.omnis-dev.com
>> Start a new message -> mailto:omnisdev-en at lists.omnis-dev.com
>> 
> _____________________________________________________________
> Manage your list subscriptions at https://lists.omnis-dev.com
> Start a new message -> mailto:omnisdev-en at lists.omnis-dev.com

More information about the omnisdev-en mailing list