SSL shows other domain
SSL shows other domain
I am currently facing a problem that I often face with VestaCP lately and looking for a fix.
The problem is:
My Webserver hosts multiple domains (about 20) and I use LetsEncrypt for SSL which works most of the time.
Sometimes I get an error response and cannot use LetsEncrypt at all but this is not a big problem for the moment.
The issue I have right now is I added a LetsEncrypt SSL to a domain and it accepted it. However once visiting the site with HTTPS, I get a cert warning saying that the SSL at "mynewdomain.com" is pointing to "mymaindomain.com", which I had before and could usually resolve by deleting mynewdomain.com and re-adding it - this time I already had files,DB and stuff on it so I decided to get a COMODO SSL (that 5$ one from ssls.com) - which I have done countless times with VestaCP in the past. But, after adding it I am facing the exact same issue.
I tried from different devices/browsers - I restarted nginx&apache - nothing.
Is anybody else having/had a similar issue? Somehow VestaCP just "can't" SSL.
Best,
Paul
The problem is:
My Webserver hosts multiple domains (about 20) and I use LetsEncrypt for SSL which works most of the time.
Sometimes I get an error response and cannot use LetsEncrypt at all but this is not a big problem for the moment.
The issue I have right now is I added a LetsEncrypt SSL to a domain and it accepted it. However once visiting the site with HTTPS, I get a cert warning saying that the SSL at "mynewdomain.com" is pointing to "mymaindomain.com", which I had before and could usually resolve by deleting mynewdomain.com and re-adding it - this time I already had files,DB and stuff on it so I decided to get a COMODO SSL (that 5$ one from ssls.com) - which I have done countless times with VestaCP in the past. But, after adding it I am facing the exact same issue.
I tried from different devices/browsers - I restarted nginx&apache - nothing.
Is anybody else having/had a similar issue? Somehow VestaCP just "can't" SSL.
Best,
Paul
Re: SSL shows other domain
Any ideas here? Am I the only one facing this?
Re: SSL shows other domain
This is usually related to misconfiguration of virtual host name. VESTA *usually* does a pretty good job handling this for you. Emphasize on *usually* because there could be a bug since Letsencrypt SSL GUI is only recently available.
Actually, a lot of people are having similar issue with SSL and Letsencrypt. Usually has to do with mix manual + UI edits of the nginx.conf or apache.conf which result in unable to even start these servers. You seem to be lucky enough to have it *working* for the most part. Troubleshooting these issues can be difficult without more details how your setup. Especially when your setup is nginx->apache. Additional layer makes it more difficult. Some users choose to just use nginx->php-fpm directly. Others, like myself, choose to make things simple by hosting separate website on separate user account. That's why you don't get immediate answer for these kind of questions without more details.
So what is your setup? So far, we know it's nginx->apache. How many sites per user? Where is the maindomain locate under? Same user or under admin? etc...
Actually, a lot of people are having similar issue with SSL and Letsencrypt. Usually has to do with mix manual + UI edits of the nginx.conf or apache.conf which result in unable to even start these servers. You seem to be lucky enough to have it *working* for the most part. Troubleshooting these issues can be difficult without more details how your setup. Especially when your setup is nginx->apache. Additional layer makes it more difficult. Some users choose to just use nginx->php-fpm directly. Others, like myself, choose to make things simple by hosting separate website on separate user account. That's why you don't get immediate answer for these kind of questions without more details.
So what is your setup? So far, we know it's nginx->apache. How many sites per user? Where is the maindomain locate under? Same user or under admin? etc...
Re: SSL shows other domain
This seems misconfiguration issue. In my opinion you should try and remove all old certificate associated with "mynewdomain.com". There should be certificate connected with mynewdomain.com that is retrieving certificate information of mymaindomain.com
Re: SSL shows other domain
Hey guys,
Thanks a ton for your replies, I was getting desperate.
About the configuration: It is a standard VestaCP installation pretty much out of the box. The only changed things are in php.ini and nothing at apache or nginx. The setup is nginx-apache-mariadb-iptables-vstftp (no bind or mail suff).
I do not use "admin", I have a seperate account for company websites which all work and a private account for private or test projects.
so it is "admin","company" and "private". newdomain.com is in account private - olddomain.com is in account company. Cert error of newdomain.com says certificate is issued for olddomain.com
The odd thing is that this happened to both Letsencrypt and also the comodo ssl. While issuing the certificate, it clearly said newdomain.com and www.newdomain.com so the CSR should be fine aswell. ?
Thanks a ton for your replies, I was getting desperate.
About the configuration: It is a standard VestaCP installation pretty much out of the box. The only changed things are in php.ini and nothing at apache or nginx. The setup is nginx-apache-mariadb-iptables-vstftp (no bind or mail suff).
I do not use "admin", I have a seperate account for company websites which all work and a private account for private or test projects.
so it is "admin","company" and "private". newdomain.com is in account private - olddomain.com is in account company. Cert error of newdomain.com says certificate is issued for olddomain.com
The odd thing is that this happened to both Letsencrypt and also the comodo ssl. While issuing the certificate, it clearly said newdomain.com and www.newdomain.com so the CSR should be fine aswell. ?
Re: SSL shows other domain
What is the proper way to delete a certificate (besides unchecking the "Enable SSL" tickbox) ?Cian wrote:This seems misconfiguration issue. In my opinion you should try and remove all old certificate associated with "mynewdomain.com". There should be certificate connected with mynewdomain.com that is retrieving certificate information of mymaindomain.com
Re: SSL shows other domain
All your conf/config and certs should be in this folder: /home/{user}/conf/web
- check SSL configuration in: snginx.conf and sapache2.conf
- certs extensions are: {ca,crt,key,pem}
Another good place to start is to look at your logs, which should be the first place to start: /var/log/apache2/domains
I would suggest that you make sure to have good backup before making any changes.
- check SSL configuration in: snginx.conf and sapache2.conf
- certs extensions are: {ca,crt,key,pem}
Another good place to start is to look at your logs, which should be the first place to start: /var/log/apache2/domains
I would suggest that you make sure to have good backup before making any changes.