Getting: NET::ERR_CERT_COMMON_NAME_INVALID after moving hosting from Netlify to my Droplet.

I’m in the process of moving all my Netlify domains into my DigitalOcean Droplet and wanted to make this the main one (the rest as subdomains). I already have a Node API hosted on the default sites-available.

I follwed this tutorial:

In my /var/www/ I have a folder called which is the domain name. Within this has public_html and contains index.html and the rest of the static site pulled via Git. My API code is hosted in my Home directory under RepetitioServer.

Within my /etc/nginx/sites-available is which has my server file which contains:

server {
    listen 80;
    listen [::]:80;

    root /var/www/;

    index index.html;


    ssl_certificate /etc/letsencrypt/live/;
    ssl_certificate_key /etc/letsencrypt/live/;
    ssl_trusted_certificate /etc/letsencrypt/live/;

    access_log /var/log/nginx/;
    error_log /var/log/nginx/;

    include snippets/ssl-params.conf;
    location ~ /.well-known {
       allow all;

    location / {
        try_files $uri $uri/ =404;

I ran certbot and got the OK and copied the certs URL as shown above. Running sudo nginx -t returns nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful

Now when I navigate to I get

Your connection is not private
Attackers might be trying to steal your information from (for example, passwords, messages, or credit cards). Learn more

My default server file looks like:

server {
    listen 80;
    listen 127.0.01;
    listen [::]:80 ipv6only=on;
    return 301 https://$host$request_uri;
# HTTPS — proxy all requests to the Node app
server {
    # Enable HTTP/2
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    # Use the Let’s Encrypt certificates
    ssl_certificate /etc/letsencrypt/live/; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/; # managed by Certbot

    # Include the SSL configuration from
    include snippets/ssl-params.conf;

    location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-NginX-Proxy true;
        proxy_pass http://localhost:5000/;
        proxy_ssl_session_reuse off;
        proxy_set_header Host $http_host;
        proxy_cache_bypass $http_upgrade;
        proxy_redirect off;


Should also mention that I updated my CNAME records and have my domain in DigitalOcean Dashboard pointing to my droplet.

Any help is greatly appreciated.


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Hi @hbendixlewis,

It seems like there is something wrong with your SSL certificate. I’ll recommend you to check the certificate from here :

ssl_certificate_key /etc/letsencrypt/live/; # managed by Certbot

And verify it actually works properly (here)[].

If the Certificate and the Key do not match, I’ll recommend reissuing the certificate.

Regards, KDSys