Apache warning: server certificate does NOT include an ID which matches the server name

This warning may occur when the configured "ServerName" from apache does not exactly match the COMMON NAME field from the SSL certificate. Example:

Apache ServerName domain.com
Apache ServerAlias www.domain.com
SSL certificate Common Namewww.domain.com (incl. SAN entry for "domain.com")

-> Result: apache shows the warning, even though "domain.com" is perfectly covered by the SSL certificate (via it's SAN entry for "domain.com")

If you switch ServerName and ServerAlias:
Apache ServerName www.domain.com
Apache ServerAlias domain.com
SSL Common Namewww.domain.com (incl. SAN entry "domain.com")

... then the warning will be gone, das "ServerName" now exactly matches the domain name in the COMMON NAME field of the SSL certificate.


Conclusion: You may simply ignore this warning as it does not impact the validity of your SSL installation, or you simply swap ServerName and ServerAlias so that the domain is matching the COMMON NAME in your SSL certificate.

Was this answer helpful?

 Print this Article

Also Read

ASN1 bad tag value met. 0x8009310b

Question: I get CertEnroll::Cx509Enrollment::p_InstallResponse: ASN1 bad tag value met....

GeoTrust/RapidSSL: Whats the meaning of the various certificate .CER files ?

ServerCertificate.cer = Certificate specifically for your domain / wildcardCACertificate-1.cer =...

ErrorCode:-9009|Message:Vendor returns error:ErrorField:CSR|ErrorMessageThe common name in the CSR does not match the site's domain name

This error may occur when you are re-issuing a certificate and are using a different COMMON NAME...

IIS/Exchange: wie kann ich den "Extra Download" im SSL Labs Test für "USERTrust RSA Certification Authority" verhindern?

In mmc.exe das Zertifikat Snap-In für "Lokaler Computer" hinzufügen. Dann bei "Vertrauenswürdigen...

DNS Auth / DNS validation via CNAME

For DNS validation a CNAME entry has to be added in your domains DNS settings.You can use the...