I recently purchased an SSL certificate.
I've got www.site.com.key
, www.site.com.csr
, intermedia.pem
, www.site.com.crt
all set up in my /etc/ssl/localcerts
folder.
When I open my browser I get the following :
The other problem I get is within /var/log/apache2/error.log
:
[warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[warn] RSA server certificate CommonName (CN) `site.com' does NOT match server name!?
I think the problem is that I've submitted the .csr file with the common name being site.com
instead of www.site.com
. Therefore the common name, not matching with my server name – www.site.com
Is there any way to get around this problem by manipulating the servername on the server? How can I do this? Or do I have to re-consider getting another SSL certificate with the right credentials?
Thanks in advance.
Best Answer
I would not change the server name, since that would mean that all your search engine results would need updating, and that will take time.
When purchasing server certificates, the standard way is to send the
.csr
withwww.
prefix. The certificate provider will then issue a certificate both with and without the prefix.