Apache ServerName uses AlternativeName instead of CommonName
I have recently purchased an SSL Certificate. The CommonName (CN) of the certificate is www.mydomain.com
and has several AlternativeNames such as subdomain1.mydomain.com
, subdomain2.mydomain.com
etc.
I have installed this on a server using Apache 2.2.17 and mod_ssl, and all works fine, except I am gettings a warning saying:
[warn] RSA server certificate CommonName (CN) `www.mydomain.com` does NOT match server name!?
This is because the ServerName
is defined as subdomain1.mydomain.com
. The certificate is still valid, but is there anything I can do to remove the warning? Or can I just ignore it?
Ignore it.
It's doing some very basic validity checks, that would hold true if you weren't using alternate names - a client browser's validity checking is much more robust, and as you know, has no problem with the certificate.
If you have more than one VirtualHost
on an SSL port, you'll probably see a warning for that, too. Same deal - it's designed to warn you if something's not making sense for a simple, basic config - but you know that it's working like it's supposed to, so you can disregard.