Apache server certificate does NOT include an ID which matches the server name

Symptoms

Apache error log
/var/log/httpd/error_log on a Plesk server contains the following warnings:

or:

or:

Cause

This warning means that CN parameter of the certificate installed on one of domains does not match value of
ServerName
directive specified in the corresponding
VirtualHost
configuration. Additional information about SNI (Server Name Indication) could be found here. For example, default SSL certificate generated by Plesk does not contain default virtual host name in CN.

Resolution

This warning can be safely ignored. However, it is possible to disable warnings specifically for SSL. To do that:

1. Connect to the server via SSH,
2. Edit LogLevel directive in the file Apache global config to look like the following:

   • For deb-based OSes:

     # grep LogLevel /etc/apache2/apache2.conf
     LogLevel warn ssl:error

   • For rpm-based OSes:

     # grep LogLevel /etc/httpd/conf/httpd.conf
     LogLevel warn ssl:error

3. Restart Apache:

   • For deb-based OSes:

     # systemctl restart apache2

   • For rpm-based OSes:

     # systemctl restart httpd

Alternatively, install Let’s Encrypt extension and obtain a certificate: go to Domains > example.com > Let’s Encrypt > check the option Secure webmail on this domain > click Renew

Topic: certificate does NOT include an ID which matches the server name  (Read 2355 times)

0 Members and 2 Guests are viewing this topic.

I use Nginx & Apache, now there is a strange problem, the website is frequently inaccessible, Chrome shows ERR_CONNECTION_RESET, I checked the error log, it shows as follows, how can I fix it?

I've tried rebuilding the server, and reinstalling SSL, but it doesn't solve the problem. I also tested the SSL certificate using the tool and the key and certificate match.

[Wed Mar 16 03:40:52.287922 2022] [mpm_event:notice] [pid 27942:tid 140218443245440] AH00492: caught SIGWINCH, shutting down gracefully
[Wed Mar 16 03:40:52.371153 2022] [ssl:warn] [pid 28976:tid 140594806794112] AH01909: cpanel.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 03:40:52.371792 2022] [ssl:warn] [pid 28976:tid 140594806794112] AH01909: mail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 03:40:52.372764 2022] [ssl:warn] [pid 28976:tid 140594806794112] AH01909: webmail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 03:40:52.390082 2022] [ssl:warn] [pid 28977:tid 140594806794112] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Wed Mar 16 03:40:52.390603 2022] [ssl:warn] [pid 28977:tid 140594806794112] AH01909: cpanel.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 03:40:52.391149 2022] [ssl:warn] [pid 28977:tid 140594806794112] AH01909: mail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 03:40:52.391560 2022] [ssl:warn] [pid 28977:tid 140594806794112] AH01909: webmail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 03:40:52.393985 2022] [mpm_event:notice] [pid 28977:tid 140594806794112] AH00489: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips configured -- resuming normal operations
[Wed Mar 16 03:40:52.394022 2022] [core:notice] [pid 28977:tid 140594806794112] AH00094: Command line: '/usr/local/apache/bin/httpd'
[Wed Mar 16 04:17:45.705411 2022] [mpm_event:notice] [pid 28977:tid 140594806794112] AH00492: caught SIGWINCH, shutting down gracefully
[Wed Mar 16 04:17:45.760845 2022] [ssl:warn] [pid 30959:tid 140015092979584] AH01909: cpanel.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 04:17:45.761498 2022] [ssl:warn] [pid 30959:tid 140015092979584] AH01909: mail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 04:17:45.761995 2022] [ssl:warn] [pid 30959:tid 140015092979584] AH01909: webmail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 04:17:45.783688 2022] [ssl:warn] [pid 30960:tid 140015092979584] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Wed Mar 16 04:17:45.784421 2022] [ssl:warn] [pid 30960:tid 140015092979584] AH01909: cpanel.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 04:17:45.785201 2022] [ssl:warn] [pid 30960:tid 140015092979584] AH01909: mail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 04:17:45.785805 2022] [ssl:warn] [pid 30960:tid 140015092979584] AH01909: webmail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 04:17:45.788816 2022] [mpm_event:notice] [pid 30960:tid 140015092979584] AH00489: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips configured -- resuming normal operations
[Wed Mar 16 04:17:45.788860 2022] [core:notice] [pid 30960:tid 140015092979584] AH00094: Command line: '/usr/local/apache/bin/httpd'
[Wed Mar 16 08:16:02.810890 2022] [mpm_event:notice] [pid 30960:tid 140015092979584] AH00492: caught SIGWINCH, shutting down gracefully
[Wed Mar 16 08:16:02.874760 2022] [ssl:warn] [pid 10864:tid 140471621969792] AH01909: cpanel.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 08:16:02.875363 2022] [ssl:warn] [pid 10864:tid 140471621969792] AH01909: mail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 08:16:02.875825 2022] [ssl:warn] [pid 10864:tid 140471621969792] AH01909: webmail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 08:16:02.893965 2022] [ssl:warn] [pid 10866:tid 140471621969792] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Wed Mar 16 08:16:02.894490 2022] [ssl:warn] [pid 10866:tid 140471621969792] AH01909: cpanel.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 08:16:02.895037 2022] [ssl:warn] [pid 10866:tid 140471621969792] AH01909: mail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 08:16:02.895457 2022] [ssl:warn] [pid 10866:tid 140471621969792] AH01909: webmail.mydomain.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Mar 16 08:16:02.897918 2022] [mpm_event:notice] [pid 10866:tid 140471621969792] AH00489: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips configured -- resuming normal operations
[Wed Mar 16 08:16:02.897966 2022] [core:notice] [pid 10866:tid 140471621969792] AH00094: Command line: '/usr/local/apache/bin/httpd'

« Last Edit: March 17, 2022, 02:11:05 AM by gailclark80 »

First:  Make sure that you have A records pointing to your server for cpanel,webmail,mail,ftp.

In CWP, goto WebServer Settings -> SSL Certificates

Find your domain, and click on services, and check all of the services.  Hit save.  If it pops up an error, report that back.  If it goes green, then those errors should disappear.

But I don't need these subdomains, so I didn't add A records for these subdomains.
In addition, my mail is the purchased google enterprise mail, it needs to point to the A record provided by google

« Last Edit: March 17, 2022, 02:57:26 AM by gailclark80 »

Then you can safely ignore the errors.  CWP creates them by default, and uses the ssl cert for them.

But my website is often inaccessible, Google Chrome shows the error code is ERR_CONNECTION_RESET

There is error in the log: AH00492: caught SIGWINCH, shutting down gracefully

Is this error causing the website to be inaccessible?

if it's constantly restarting, there can be numerous reasons.  Check /usr/local/apache/domlogs/  and go through the error logs for the domain in question to see if there are any explained errors.

SIGWINCH is the code for something like the window being resized on linux, as it's not something common on a server install.  In any event, running it from systemctl should not be causing that issue.

There are no other errors found in the log, it seems that I have to reinstall CWP7

But my website is often inaccessible, Google Chrome shows the error code is ERR_CONNECTION_RESET

There is error in the log: AH00492: caught SIGWINCH, shutting down gracefully

Is this error causing the website to be inaccessible?

I have been getting the same errors on my servers for many years.  It's annoying and no one wants to fix it.  But it doesnt seem to have any adverse effects.

Listen to everything Pixelpadre says.

How do you fix server certificate does not include an ID which matches the server name?

What does hostname does not match server certificate mean?

How do I fix server certificate is not valid?

What certificate format does Apache use?