Apache crashes with the following error
[ssl:warn] [pid 6056:tid 408] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
when executing php script that send emails using Swiftmailer on localhost.
How to solve this issue ?
details: XAMPP v3.2.1 with PHP 5.6 , windows 8.1
asked May 19, 2015 at 12:48
3
In case this helps, I was getting the same error because I have docker started. The trick is to stop it and start apache first.
answered Jul 27, 2018 at 19:50
1
Not the answer you're looking for? Browse other questions tagged php apache ssl xampp swiftmailer or ask your own question.
Solutions ForgeRock Identity Platform Does not apply to Identity Cloud Last updated Jul 6, 2022 The purpose of this article is to provide assistance if you receive a RSA® server certificate CommonName (CN) does NOT match server name warning in the Proxy log for AM. This warning occurs when SSL is in use and AM is deployed on the Apache Tomcat™ web container. The following warning is shown in the Proxy log: Enabled SSL.Symptoms
Recent
Changes
Made changes to your proxy configuration or server certificate.
Causes
The ServerName value in your proxy configuration does not match the CommonName (CN) on the server certificate.
Solution
This issue can be resolved by making one of the following changes:
- Change the ServerName in your proxy configuration to match the CommonName on the server certificate. The CommonName is given in the warning message.
- Change the CommonName of the certificate key to match the ServerName in your proxy configuration.
Virtual Hosts
Typically when you configure an http server to use SSL, you define a VirtualHost, and assign it a ServerName and a ServerAlias; ensuring the vhost ServerName matches the CommonName in the certificate.
For example:
The CommonName in the certificate = www.am.example.com but the vhost’s ServerName is set to sso.example.com.
Change the vhost ServerName to match the certificate CommonName (www.am.example.com) and change the ServerAlias to sso.example.com:
<VirtualHost xx.yy.zz.aa:443> ServerName www.am.example.com ServerAlias sso.example.com </VirtualHost>See Also
N/A
Related Training
N/A
Related Issue Tracker IDs
N/A
Copyright and Trademarks Copyright © 2022 ForgeRock, all rights reserved.
Okay, I noticed that this post is viewed quite often recently and so it seems that a lot of people are facing the same issue that I did. If so then this might help you.
I have followed a simple step-by-step tutorial to create a SSL-certification for my webserver. Like so many tutorials out there the outcome of the tutorial I followed was a self-signed certificate using OpenSSL. Yep self-signed, that was the problem. The browser could not trust the server due to it's certificate which is signed by itself. Well I wouldn't do either...
A certificate has to be signed by an external trustworthy certificate authority (CA). So I stumbled upon Let's Encrypt which does all the work for you and is even easier to set up and the best is: it is absolutely free.
Installation
1) Delete your old ssl cert files which you have created by using OpenSSL
2) Open backports to get certbot client on Debian. You should know that this will open a hole for unfinished software! Install only the packages when you are aware about what you are doing.
echo 'deb //ftp.debian.org/debian jessie-backports main' | sudo tee /etc/apt/sources.list.d/backports.list3) Update your linux system
sudo apt-get update4) Install certbot
sudo apt-get install python-certbot-apache -t jessie-backports5) Set up apache ServerName and ServerAlias
sudo nano /etc/apache2/sites-available/000-default.conf6) Edit apache config file
<VirtualHost *:80> . . . ServerName example.com ServerAlias www.example.com . . . </VirtualHost>7) Check for a correct syntax
sudo apache2ctl configtest8) If the config file looks fine, restart apache server
sudo systemctl restart apache29) Set up a certificate using certbot and follow the instruction on screen.
sudo certbot --apacheRenewal
All certificates by Let's Encrypt are valid through 3 months. To renew the you can manually run
sudo certbot renewOr automate this service as a cron job
sudo crontab -eand enter the following row to invoke a renewal every Monday at 2:30 am.
. . . 30 2 * * 1 /usr/bin/certbot renew >> /var/log/le-renew.logYou can follow a more detailled tutorial here: //www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-debian-8