I have the following config:

<VirtualHost 1.2.3.4:443>
    ServerName mydomain.com
    ServerAlias www.mydomain.com

    ...
</VirtualHost>

I want www.mydomain.com to be the primary domain, but I also want the user to be able to just type mydomain.com and then I redirect them to www. So the the Certificate Name is www.mydomain.com. But with that I keep getting this warning when starting apache:

AH01909: mydomain.com:443:0 server certificate does NOT include an ID which matches the server name

Everything is working fine though and I also get an A-rating on ssllabs.com. But still this warning bugs me and I’m wondering if I’m maybe missing something here?

Obviously the certificate’s CN does not match the Server Name, but it still matches an Alias.

Is this “bad practice” or is there another way to handle this that does not produce this warning? Should I even care about it? In the end it’s just a warning that something might be wrong, but it’s not. Or could this cause issues on the client side?

So far everything worked fine for me and the users didn’t complain, so I guess everything is working correctly.

Leave a Reply

Your email address will not be published. Required fields are marked *