Thawte SSL Cert - Apache shows waring CN does not match server name

Discussion in 'HOWTO-Related Questions' started by DantePasquale, Feb 18, 2013.

  1. DantePasquale

    DantePasquale Member HowtoForge Supporter

    Hi All,

    I recently requested a thawte SSL cert for one of my customers. i have downloaded the crt and installed via the ISPConfig 3 CP. I have also included their 'bundle' crt.

    Things are basically working but I see in the Apache error log:

    [Mon Feb 18 13:59:53 2013] [warn] RSA server certificate CommonName (CN) `' does NOT match server name!?
    If I dump the crt via openssl I see:

    root@webserver2:/var/www/ openssl x509 -in -noout -subject
    subject= / Organization/O=Self Funded Plans, Inc./serialNumber=559576/C=US/ST=Ohio/L=Cleveland/
    In the /etc/apache2/sites-available I see:

    So, from the screen where I requested the SSL for this site I entered:

    Organizational Unit:
    SSL Domain:

    Should I have set the OU to '' instead of ''?
    But when I did that and requested from thawte, the cert came back w/o the 'www' :) So I'm confused :(

  2. falko

    falko Super Moderator ISPConfig Developer

    You should ask Thawte if the certificate is valid for and Usually that is the case (at least with the CAs I use to work with) - maybe Thawte has a different policy?

Share This Page