Certificate mismatch for www/straight domain

Problem Description

https://elkstones.org is giving a certificate error

Any Error Messages

Seems to be bacause the certificate is for www.elkstones.org

Am I being thick?

Environment

  • Sympl Version [9.0/10.0]:
  • Sympl Testing Version? [Yes/No]
  • Debian Version [Buster/Stretch]:
  • Hardware Type? [Dedicated/Virtual/Pi]
  • Hosted On? [nam]

Welcome, @SimonF!

It looks like both URLs are using self-signed certificates at the moment, which suggests the server doesn’t have a cert right now.

If you run sudo sympl-ssl --verbose --force elkstones.org Sympl will try and retrieve an SSL cert from Let’s Encrypt (ignoring any certs it has at the moment), and output what it’s doing along the way.

That should sort it for you, but if it doesn’t, post the output here and we should be able to make sense of it!

By jove you’re bang on Sir!

Thank you very much indeed.

Now I need to work out why it didn’t happen automagically :slight_smile:

It doesn’t happen automatically immediately when you create the website as you may be adding different subdomains, or not have DNS pointed there yet, so it happens in the daily cron run, usually overnight.

The downside is that the current version (inherited from Sympl’s predecessor) assumes that if it has a certificate that matches any of the relevant domain names, it assumes it’s okay, not checking if theres other subdomains/aliasses which are working - and, if it attempted to get domains blindly all the time (even only daily if you have a lot of domains), it would upset Let’s Encrypt.

This is fixed in the new version which is in development, as it does checks to see what domain names are actually working versus what you currently have set up, so it’ll be able to run more frequently, but that’s coming When It’s Ready™.

1 Like

Cheers Kelduum, It’s at the limit of my understanding but I jove it.

Was using the predecessor on the old host for ages but am migrating to Sympl and the community feels nice.

Keep up the good work, stay safe.

1 Like