The servername "www.amnetgroup.com" and CN in the certificate must match and be the same, that is what "rsa certificate configured for xxxxxxxxxxx:443 does not include an id which matches the server name " means.
you can easily check it with command "openssl x509 -in /ssl/amnetgroup.com/cert/amnetgroup.com.crt -noout -subject" So if the CN is amnetgroup.com and your servername is www.amnetgroup.com there is no match unless there is SAN (subject alternate name) in the cert that matches the servername you are using. El dom., 5 ene. 2020 a las 20:07, Sac Isilia (<[email protected]>) escribió: > > Hi @lbutlr, > > Below is the site.conf file settings . We just updated the certificate > contents and touched nothing else. Right now the site is reverted to its > original certificate. But as soon as we update the certificate contents it > doesn't work and throw the error that I mentioned. > > <VirtualHost *:80> > ServerName amnetgroup.com > > > RedirectMatch 301 (.*) https://www.amnetgroup.com$1 > </VirtualHost> > > <VirtualHost *:80> > ServerName amnet.ie > ServerAlias www.amnet.ie > ServerAlias amnetgroup.ie www.amnetgroup.ie > RedirectMatch 301 (.*) https://www.amnetgroup.com/en/ie/ > </VirtualHost> > > <VirtualHost *:80> > ServerName www.amnetgroup.com > > > DocumentRoot "/sites/amnetgroup.com/public_html" > > Redirect permanent / https://www.amnetgroup.com/ > > CustomLog /sites/logs/apache/amnetgroup.com-access.log combined > ErrorLog /sites/logs/apache/amnetgroup.com-error.log > > <IfModule worker.c> > StartServers 4 > MaxClients 300 > MinSpareThreads 25 > MaxSpareThreads 75 > ThreadsPerChild 25 > MaxRequestsPerChild 0 > </IfModule> > > ProxyPassMatch ^/(.*\.php(/.*)?)$ > fcgi://127.0.0.1:9054/sites/amnetgroup.com/public_html/$1 > DirectoryIndex index.php > > DirectoryIndex index.php > php_value memory_limit 1024M > > <Directory "/sites/amnetgroup.com/public_html/"> > Options Indexes FollowSymLinks > AllowOverride All > Require all granted > </Directory> > RewriteEngine On > RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) > RewriteRule .* - [F] > </VirtualHost> > > <VirtualHost *:443> > ServerName amnetgroup.com > SSLEngine on > SSLCertificateFile /ssl/amnetgroup.com/cert/amnetgroup.com.crt > SSLCertificateKeyFile /ssl/amnetgroup.com/src/amnetgroup.com.key > SSLCertificateChainFile /ssl/amnetgroup.com/cert/amnetgroup.com-bundle > > SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 > SSLCipherSuite > ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 > SSLHonorCipherOrder on > SSLCompression off > SSLSessionTickets off > > Redirect permanent / https://www.amnetgroup.com/ > > RewriteEngine On > RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|HEAD) > RewriteRule .* - [F] > </VirtualHost> > > <VirtualHost *:443> > ServerName www.amnetgroup.com > SSLEngine on > SSLCertificateFile /ssl/amnetgroup.com/cert/amnetgroup.com.crt > SSLCertificateKeyFile /ssl/amnetgroup.com/src/amnetgroup.com.key > SSLCertificateChainFile /ssl/amnetgroup.com/cert/amnetgroup.com-bundle > > SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 > SSLCipherSuite > ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 > SSLHonorCipherOrder on > SSLCompression off > SSLSessionTickets off > > DocumentRoot "/sites/amnetgroup.com/public_html" > > CustomLog /sites/logs/apache/amnetgroup.com-access.log combined > ErrorLog /sites/logs/apache/amnetgroup.com-error.log > > <IfModule worker.c> > StartServers 4 > MaxClients 300 > MinSpareThreads 25 > MaxSpareThreads 75 > ThreadsPerChild 25 > MaxRequestsPerChild 0 > </IfModule> > > ProxyPassMatch ^/(.*\.php(/.*)?)$ > fcgi://127.0.0.1:9054/sites/amnetgroup.com/public_html/$1 > DirectoryIndex index.php > php_value memory_limit 1024M > > <Directory "/sites/amnetgroup.com/public_html/"> > Options Indexes FollowSymLinks > AllowOverride All > Require all granted > </Directory> > RewriteEngine On > RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|HEAD) > RewriteRule .* - [F] > </VirtualHost> > > Regards > Sachin Kumar > > On Sun, Jan 5, 2020 at 11:45 PM @lbutlr <[email protected]> wrote: >> >> On 04 Jan 2020, at 10:02, Sac Isilia <[email protected]> wrote: >> > ah01909: rsa certificate configured for xxxxxxxxxxx:443 does not include >> > an id which matches the server name >> > >> > Please help me in resolving this issue. >> >> That seems clear to me. >> >> What is the server name and what are the servers listed in the certificate? >> Is there a match? >> >> Are you sure? >> >> Are you looking at the right certificate? Is the server looking at the right >> certificate? Has apache been restarted? >> >> >> >> -- >> NOTHING IS FINAL. NOTHING IS ABSOLUTE. EXCEPT ME, OF COURSE. SUCH >> TINKERING WITH DESTINY COULD MEAN THE DOWNFALL OF THE WORLD. >> THERE MUST BE A CHANCE, HOWEVER SMALL. THE LAWYERS OF FATE DEMAND >> A LOOPHOLE IN EVERY PROPHECY. —Sourcery >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> -- Daniel Ferradal HTTPD Project #httpd help at Freenode --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
