Author Topic: SSL certificate mismatches  (Read 3324 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
SSL certificate mismatches
« on: January 07, 2021, 06:40:31 AM »
No matter how I try to install an SSL certificate on a domain or subdomain I end up with a certificate with the server name listed as my control panel hostname and not the domain I am trying to get an SSL cert for. Please help. I only have on idea and that would be a hack of changing hostnames to the domain every time I try to create a new SSL Although Let's Encrypt is probably about ready to block me for too many activations, so a fix would be appreciated, especially since my server is down due to this.

Offline
**
Re: SSL certificate mismatches
« Reply #1 on: January 08, 2021, 09:15:44 PM »
is the server hostname an A record or CNAME?
Are you using cloudfare?If yes, then disable SSL from cloudfare

Offline
*
Re: SSL certificate mismatches
« Reply #2 on: January 10, 2021, 03:46:00 AM »
This is at least a two-year-old problem and I had just forgotten about working around it since it has never gotten fixed. My DNS is in order and I am not using cloudflare.

As the situation stands, making a new user account for a domain if you check the box for "AutoSSL domain must be pointed to the server." You will end up with a useless SSL certificate that instead of having the domain you are creating as the root domain, it uses the panel's hostname instead. This creates an SSL cert mismatch and renders the certificate useless - actually more than useless as most browsers won't even let you connect anymore. This also uses up one of your Let's Encrypt allotments and before long you are going to get blocked by them. You can *ONLY** successfully install an SSL cert AFTER you create the user account/domain (or subdomain) you cannot check that box when you are creating the account. After over two years I cannot believe nothing has been done about this.

Re: SSL certificate mismatches
« Reply #3 on: January 10, 2021, 10:46:50 AM »
.. After over two years I cannot believe nothing has been done about this.
I can.
Witness: Reneweds/Faileds  >:(