Apache was giving me lots of errors like this on my host that has multiple virtual hosts on it.
[Mon Nov 10 13:54:01 2014] [warn] RSA server certificate CommonName (CN) `www.xxx.com.au' does NOT match server name!? [Mon Nov 10 13:54:01 2014] [warn] RSA server certificate CommonName (CN) `www.yyy.com.au' does NOT match server name!? [Mon Nov 10 13:54:01 2014] [warn] RSA server certificate CommonName (CN) `www.zzz.co.uk' does NOT match server name!? [Mon Nov 10 13:54:01 2014] [warn] RSA server certificate CommonName (CN) `www.cocolo.com.au' does NOT match server name!? [Mon Nov 10 13:54:01 2014] [warn] RSA server certificate CommonName (CN) `www.aaa.com.au' does NOT match server name!? [Mon Nov 10 13:54:01 2014] [notice] Apache/2.2.22 (Debian) PHP/5.4.4-14+deb7u14 mod_ssl/2.2.22 OpenSSL/1.0.1e configured -- resuming normal operations
After a little investigation it turned out the CN in the certificate was set to www.domain but the vhost’s ServerName was set to www-less.
The solution turned out to be to ensure the vhost ServerName == the CN in the certificate. You can examine certificate with:
certtool -i < domain.cert |
And in the vhost, make sure there is a ServerAlias for the www-less version:
<VirtualHost xx.yy.zz.aa:443> ServerName www.domainname.com.au ServerAlias domainname.com.au . . . </VirtualHost> |
a few less warnings in the logs now. Phew!