Question

SSL Inconsistent server configuration

Hi,

I have a Droplet with several domains with SSL and everything works fine when I visit all my sites. Everything is green and beautiful and no errors at all.

So, I tested one of my sites with SSLabs and found out that I have an inconsistent server configuration.

I tested my site https://www.webkreativ.hr and found out here that Certificate #2 is from my other website on the server.

I checked and double checked all the certificates for webkreativ.hr and there is no link or anything to the other certifixcate that is supposed to be on the other website.

Has anyone had this issue before? I cannot figure out why the Cert #2 is from my other website.

Best regards.


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Containers would only fix a security issue with multiple wordpress installs. I am not sure how this issue can still happen if the certificates have been separated into files and each file contains only one BEGIN header and one END header.

You must create separate certificate files for each vhost (each site in sites-enabled/available), you can’t just have 1 ssl for all, you may instead use same key, but you need 1 .crt for each (otherwise you get this mismatch error)

So, a balkanmat_se.crt, a webkreativ_hr.crt and so on for each site you want to host. Good luck!

You need to delete the balkanmat.se certificate. If the certificates of the 2 domains are in separate files, delete the file which contains balkanmat.se and remove this domain from nginx config.

Otherwise you will need to open the single certificate file (that contains both) with vim/nano and delete the lines where the balkanmat.se one is found and save the file.

To properly identify the certificate in the file, you can use https://www.sslshopper.com/certificate-decoder.html

All certificates have a start header and an end header (and if the same files contains more than 1, the headers are repeated for each).

Hope this helps!