Thawte SSL Cert - Apache shows waring CN does not match server name

Discussion in 'HOWTO-Related Questions' started by DantePasquale, Feb 18, 2013.

  1. DantePasquale

    DantePasquale Member HowtoForge Supporter

    Hi All,

    I recently requested a thawte SSL cert for one of my customers. i have downloaded the crt and installed via the ISPConfig 3 CP. I have also included their 'bundle' crt.

    Things are basically working but I see in the Apache error log:

    [Mon Feb 18 13:59:53 2013] [warn] RSA server certificate CommonName (CN) `' does NOT match server name!?
    If I dump the crt via openssl I see:

    root@webserver2:/var/www/ openssl x509 -in -noout -subject
    subject= / Organization/O=Self Funded Plans, Inc./serialNumber=559576/C=US/ST=Ohio/L=Cleveland/
    In the /etc/apache2/sites-available I see:

    So, from the screen where I requested the SSL for this site I entered:

    Organizational Unit:
    SSL Domain:

    Should I have set the OU to '' instead of ''?
    But when I did that and requested from thawte, the cert came back w/o the 'www' :) So I'm confused :(

  2. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    You should ask Thawte if the certificate is valid for and Usually that is the case (at least with the CAs I use to work with) - maybe Thawte has a different policy?

Share This Page