Question
Getting "site is not secure" error after using certbot to get SSL
- Posted September 11, 2019
- ApacheWordPressDigitalOceanFAQGetting StartedInitial Server SetupSecurityUbuntu 16.04
Hi,
I have DigitalOcean WordPress droplet. I just recently connected my NameCheap domain to my IP. Then, I used certbot --apache -d domain.com -d www.domain.com, and it said for www.domain.com it could not find a virtual host. It gave me an option of which host to choose, so I chose one and proceeded.
Now when I try to access my website, I get the “Site is not secure” error and when I click more info, it says “The hostname in the website’s security certificate differs from the website you are trying to visit. Error Code: DLG_FLAGS_SEC_CERT_CN_INVALID”
Do you know how I can fix this?
Thanks in advance!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
I agree – seems you haven’t generated the SSL properly.
Check out Certbot - a free, open source tool that auto installs Let’s Encrypt certs on manual admin systems like a DO droplet.
Here are some useful commands:
Know Ubuntu version: lsb_release -a
Test Nginx conf file for manual installation: sudo nginx -t
Reload Nginx before testing SSL Certificate: sudo nginx -s reload
Once the cert is properly installed, if you’re still getting a mixed content warning try this tool. Pretty handy to expose any files, especially 3rd party, that are rendering as HTTP in your source code.
Good luck!
Hi @rane,
It seems you haven’t generated your SSL for the proper domain name. I’ll recommend using Let’s Encrypt directly from it’s repo. You can check this article.
Having said that, this will only generate the certificate. If you wish to further add the vhost, I’ll suggest checking articles like THIS
Anything else than that, will be just guessing on our part.
Kind regards, Kalin