From August 19th 2020, SECTIGO issues SSL certificates with a maximum lifetime of 398 days (13 months) as specified by CA/Browser consortium. SSL certificates with a longer lifetime must be re-issued annually (free of charge). You'll receive reminders via e-mail. SSL certificates issued before August 19th 2020 remain valid until their planned expiry date. Code Signing & S/MIME certificates are not affected and remain valid until their planned expiry date.

Apache warning: server certificate does NOT include an ID which matches the server name

This warning may occur when the configured "ServerName" from apache does not exactly match the COMMON NAME field from the SSL certificate. Example:

Apache ServerName
Apache ServerAlias
SSL certificate Common (incl. SAN entry for "")

-> Result: apache shows the warning, even though "" is perfectly covered by the SSL certificate (via it's SAN entry for "")

If you switch ServerName and ServerAlias:
Apache ServerName
Apache ServerAlias
SSL Common (incl. SAN entry "")

... then the warning will be gone, das "ServerName" now exactly matches the domain name in the COMMON NAME field of the SSL certificate.

Conclusion: You may simply ignore this warning as it does not impact the validity of your SSL installation, or you simply swap ServerName and ServerAlias so that the domain is matching the COMMON NAME in your SSL certificate.

Was this answer helpful?

 Print this Article

Also Read

GeoTrust/RapidSSL: Whats the meaning of the various certificate .CER files ?

ServerCertificate.cer = Certificate specifically for your domain / wildcardCACertificate-1.cer =...

An error has occured: [2011296] CSR is invalid

This error messgae is typically shown when the field "COMMON NAME" inside the CSR doesn't have a...

'Broken Certificate Chain' error message

The SSL certificate chain typically consists of:ROOT Certificate INTERMEDIATE Certificate...

What does " Vendor Status: Failed Security Review - Please contact your SSL provider" mean?

This is equivalent to "Pending Manual Review by CA". It means your SSL certificate has been...

Can i redirect non-SNI capable web browsers to an alternative site?

YES, it's possible to redirect non-SNI capable browsers (Internet Explorer auf Windows XP). -...