Author Topic: certificate does NOT include an ID which matches the server name  (Read 6309 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
I use Nginx & Apache, now there is a strange problem, the website is frequently inaccessible, Chrome shows ERR_CONNECTION_RESET, I checked the error log, it shows as follows, how can I fix it?

I've tried rebuilding the server, and reinstalling SSL, but it doesn't solve the problem. I also tested the SSL certificate using the tool and the key and certificate match.

[Wed Mar 16 03:40:52.287922 2022] [mpm_event:notice] [pid 27942:tid 140218443245440] AH00492: caught SIGWINCH, shutting down gracefully
[Wed Mar 16 03:40:52.371153 2022] [ssl:warn] [pid 28976:tid 140594806794112] AH01909: cpanel.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 03:40:52.371792 2022] [ssl:warn] [pid 28976:tid 140594806794112] AH01909: mail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 03:40:52.372764 2022] [ssl:warn] [pid 28976:tid 140594806794112] AH01909: webmail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 03:40:52.390082 2022] [ssl:warn] [pid 28977:tid 140594806794112] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Wed Mar 16 03:40:52.390603 2022] [ssl:warn] [pid 28977:tid 140594806794112] AH01909: cpanel.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 03:40:52.391149 2022] [ssl:warn] [pid 28977:tid 140594806794112] AH01909: mail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 03:40:52.391560 2022] [ssl:warn] [pid 28977:tid 140594806794112] AH01909: webmail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 03:40:52.393985 2022] [mpm_event:notice] [pid 28977:tid 140594806794112] AH00489: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips configured -- resuming normal operations
[Wed Mar 16 03:40:52.394022 2022] [core:notice] [pid 28977:tid 140594806794112] AH00094: Command line: '/usr/local/apache/bin/httpd'
[Wed Mar 16 04:17:45.705411 2022] [mpm_event:notice] [pid 28977:tid 140594806794112] AH00492: caught SIGWINCH, shutting down gracefully
[Wed Mar 16 04:17:45.760845 2022] [ssl:warn] [pid 30959:tid 140015092979584] AH01909: cpanel.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 04:17:45.761498 2022] [ssl:warn] [pid 30959:tid 140015092979584] AH01909: mail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 04:17:45.761995 2022] [ssl:warn] [pid 30959:tid 140015092979584] AH01909: webmail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 04:17:45.783688 2022] [ssl:warn] [pid 30960:tid 140015092979584] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Wed Mar 16 04:17:45.784421 2022] [ssl:warn] [pid 30960:tid 140015092979584] AH01909: cpanel.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 04:17:45.785201 2022] [ssl:warn] [pid 30960:tid 140015092979584] AH01909: mail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 04:17:45.785805 2022] [ssl:warn] [pid 30960:tid 140015092979584] AH01909: webmail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 04:17:45.788816 2022] [mpm_event:notice] [pid 30960:tid 140015092979584] AH00489: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips configured -- resuming normal operations
[Wed Mar 16 04:17:45.788860 2022] [core:notice] [pid 30960:tid 140015092979584] AH00094: Command line: '/usr/local/apache/bin/httpd'
[Wed Mar 16 08:16:02.810890 2022] [mpm_event:notice] [pid 30960:tid 140015092979584] AH00492: caught SIGWINCH, shutting down gracefully
[Wed Mar 16 08:16:02.874760 2022] [ssl:warn] [pid 10864:tid 140471621969792] AH01909: cpanel.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 08:16:02.875363 2022] [ssl:warn] [pid 10864:tid 140471621969792] AH01909: mail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 08:16:02.875825 2022] [ssl:warn] [pid 10864:tid 140471621969792] AH01909: webmail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 08:16:02.893965 2022] [ssl:warn] [pid 10866:tid 140471621969792] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Wed Mar 16 08:16:02.894490 2022] [ssl:warn] [pid 10866:tid 140471621969792] AH01909: cpanel.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 08:16:02.895037 2022] [ssl:warn] [pid 10866:tid 140471621969792] AH01909: mail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 08:16:02.895457 2022] [ssl:warn] [pid 10866:tid 140471621969792] AH01909: webmail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 08:16:02.897918 2022] [mpm_event:notice] [pid 10866:tid 140471621969792] AH00489: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips configured -- resuming normal operations
[Wed Mar 16 08:16:02.897966 2022] [core:notice] [pid 10866:tid 140471621969792] AH00094: Command line: '/usr/local/apache/bin/httpd'
« Last Edit: March 17, 2022, 02:11:05 AM by gailclark80 »

Offline
****
Re: certificate does NOT include an ID which matches the server name
« Reply #1 on: March 17, 2022, 02:45:47 AM »
First:  Make sure that you have A records pointing to your server for cpanel,webmail,mail,ftp.   

In CWP, goto WebServer Settings -> SSL Certificates

Find your domain, and click on services, and check all of the services.  Hit save.  If it pops up an error, report that back.  If it goes green, then those errors should disappear.
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: certificate does NOT include an ID which matches the server name
« Reply #2 on: March 17, 2022, 02:55:27 AM »
But I don't need these subdomains, so I didn't add A records for these subdomains.
In addition, my mail is the purchased google enterprise mail, it needs to point to the A record provided by google
« Last Edit: March 17, 2022, 02:57:26 AM by gailclark80 »

Offline
****
Re: certificate does NOT include an ID which matches the server name
« Reply #3 on: March 17, 2022, 02:56:51 AM »
Then you can safely ignore the errors.  CWP creates them by default, and uses the ssl cert for them.
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: certificate does NOT include an ID which matches the server name
« Reply #4 on: March 17, 2022, 03:01:56 AM »
But my website is often inaccessible, Google Chrome shows the error code is ERR_CONNECTION_RESET

There is error in the log: AH00492: caught SIGWINCH, shutting down gracefully

Is this error causing the website to be inaccessible?

Offline
****
Re: certificate does NOT include an ID which matches the server name
« Reply #5 on: March 17, 2022, 03:16:03 AM »
if it's constantly restarting, there can be numerous reasons.  Check /usr/local/apache/domlogs/  and go through the error logs for the domain in question to see if there are any explained errors.   

SIGWINCH is the code for something like the window being resized on linux, as it's not something common on a server install.  In any event, running it from systemctl should not be causing that issue.
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: certificate does NOT include an ID which matches the server name
« Reply #6 on: March 17, 2022, 04:14:36 AM »
There are no other errors found in the log, it seems that I have to reinstall CWP7

Offline
****
Re: certificate does NOT include an ID which matches the server name
« Reply #7 on: March 17, 2022, 05:27:40 AM »
Don't reinstall anything.   We can work out the issue.   

Is your site high volume.  You may need to adjust the number of MBM workers.  Take a look at this article: 
https://www.discoverbits.in/353/mpm_event-notice-ah00492-caught-sigwinch-shutting-gracefully
Google Hangouts:  rcschaff82@gmail.com

Offline
***
Re: certificate does NOT include an ID which matches the server name
« Reply #8 on: March 17, 2022, 11:01:49 AM »
But my website is often inaccessible, Google Chrome shows the error code is ERR_CONNECTION_RESET

There is error in the log: AH00492: caught SIGWINCH, shutting down gracefully

Is this error causing the website to be inaccessible?

I have been getting the same errors on my servers for many years.  It's annoying and no one wants to fix it.  But it doesnt seem to have any adverse effects.
Listen to everything Pixelpadre says.