Apache ServerName uses AlternativeName instead of CommonName

apache-2.2 ssl ssl-certificate mod-ssl

I have recently purchased an SSL Certificate. The CommonName (CN) of the certificate is www.mydomain.com and has several AlternativeNames such as subdomain1.mydomain.com, subdomain2.mydomain.com etc.

I have installed this on a server using Apache 2.2.17 and mod_ssl, and all works fine, except I am gettings a warning saying:

[warn] RSA server certificate CommonName (CN) `www.mydomain.com` does NOT match server name!?

This is because the ServerName is defined as subdomain1.mydomain.com. The certificate is still valid, but is there anything I can do to remove the warning? Or can I just ignore it?


Ignore it.

It's doing some very basic validity checks, that would hold true if you weren't using alternate names - a client browser's validity checking is much more robust, and as you know, has no problem with the certificate.

If you have more than one VirtualHost on an SSL port, you'll probably see a warning for that, too. Same deal - it's designed to warn you if something's not making sense for a simple, basic config - but you know that it's working like it's supposed to, so you can disregard.

Related

Equivalence of two characterizations of the norm of a quadratic integer.
Does Memcached support IPv6
Path connectedness of the set $\{(x,y):(x+1)^{2}+y^{2}\leq 1\}\cup\{(x,y):y=x\sin(\frac{1}{x}),x>0\}$
PowerCLI: Run commands in virtual-machine
separately continuous functions $f: \mathbb{R}^2 \rightarrow \mathbb{R}$ but nowhere continuous
IIS slows down at 1000 concurrent connections
Number of roots of a sequence of a uniformly convergent holomorphic functions implies an upper bound for the number of roots of their limit
Remote desktop for Mac, over internet
Pseudo metric spaces are not Hausdorff.
Speed of copying files on a remote server
Compute ratio of a rectangle seen from an unknown perspective
Postgresql: change default data path