Apache error - server certificate does NOT include an ID which matches the server name

:warning: IMPORTANT, please fill the questions

We assume you are using Bitnami to deploy your application.

  • Which version of the application are you using?:

Wordpress 4.8.2

  • Please choose how you got the application: Installer (Windows, Linux, macOS), cloud image (AWS, GCE, Azure, …) or VM (VMDK, VBOX):

Lightsail Wirdpress image.

  • Have you installed any plugin or modified any configuration file?:

Not yet.

  • Describe here your question/suggestion/issue (expected and actual results):

After installing the image and removing the Bitnami banner, I downloaded the apache error log. The error log has an entry related to server certificate.

  • Steps to reproduce the issue (if relevant):

As above,

  • Copy the apache log (if relevant):
[Mon Oct 16 23:17:27.275017 2017] [ssl:warn] [pid 2995:tid 140056372954944] AH01909: localhost:443:0 server certificate does NOT include an ID which matches the server name
[Mon Oct 16 23:17:27.326580 2017] [ssl:warn] [pid 2996:tid 140056372954944] AH01909: localhost:443:0 server certificate does NOT include an ID which matches the server name
[Mon Oct 16 23:17:27.347128 2017] [mpm_event:notice] [pid 2996:tid 140056372954944] AH00489: Apache/2.4.27 (Unix) OpenSSL/1.0.2l configured -- resuming normal operations
[Mon Oct 16 23:17:27.347160 2017] [core:notice] [pid 2996:tid 140056372954944] AH00094: Command line: '/opt/bitnami/apache2/bin/httpd.bin -f /opt/bitnami/apache2/conf/httpd.conf'
[Mon Oct 16 23:33:01.622893 2017] [mpm_event:notice] [pid 2996:tid 140056372954944] AH00491: caught SIGTERM, shutting down
[Mon Oct 16 23:33:05.720498 2017] [ssl:warn] [pid 4851:tid 140515078412096] AH01909: localhost:443:0 server certificate does NOT include an ID which matches the server name
[Mon Oct 16 23:33:05.762164 2017] [ssl:warn] [pid 4852:tid 140515078412096] AH01909: localhost:443:0 server certificate does NOT include an ID which matches the server name
[Mon Oct 16 23:33:05.778165 2017] [mpm_event:notice] [pid 4852:tid 140515078412096] AH00489: Apache/2.4.27 (Unix) OpenSSL/1.0.2l configured -- resuming normal operations
[Mon Oct 16 23:33:05.778199 2017] [core:notice] [pid 4852:tid 140515078412096] AH00094: Command line: '/opt/bitnami/apache2/bin/httpd.bin -f /opt/bitnami/apache2/conf/httpd.conf -D DISABLE_BANNER'

How do I solve the server certificate issue?

Thanks for help.

Hi,

Bitnami images come with SSL support already pre-configured and with a dummy certificate in place. Although this dummy certificate is fine for testing and development purposes, you will usually want to use a valid SSL certificate for production use. You can either generate this on your own (explained here) or you can purchase one from a commercial certificate authority.

The warning (no errors) in the Apache logs are due to this dummy certificate it is not completely configured with your server name.

I hope this information is useful for you. If you have any other question, please do not hesitate to let us know.

Best Regards,
Carlos R. Hernández

Was my answer helpful? Click on :heart:

2 Likes

Hi crhernandez,

Thanks for your reply.

I have some additional questions to clear the concent in my head.

Does OpenSSL also issue certificates? And if yes, how do I use their certificate?

Can I use Let’s Encrypt’s certificate? Are there any instructions available?

Thanks for your help.

Hi,

OpenSSL is required to create an SSL certificate,
you can find information about how to create an SSL certificate in our docs.

About how to install the WP Encrypt Plugin for Let’s Encrypt certificate generation we have the process documented in this guide.

Also, here, you can find more information about how to enable HTTPS support with SSL certificates.

Best regards,
Carlos R. Hernández

ok … I installed my SSL cert according to the docs.
But I still get the error

server certificate does NOT include an ID

My site is secure and I see the green padlock.

https://northtexasfirewalkers.org/

Hi!

Maybe logs entries are previous to the SSL activation?

We have a Support Tool that will gather relevant information for us to debug the issue. Could you please download and execute it on the machine where the stack is running?

These are the links to download the tool.

If you are using a Linux console, just type the following to download the tool:

wget -O bnsupport_tool https://downloads.bitnami.com/files/bnsupport/latest/bnsupport-linux-x64.run && \
chmod +x bnsupport_tool && \
./bnsupport_tool

You will be prompted to indicate the directory where your stack is installed (which is /opt/bitnami on VMs and Cloud Images by default).

NOTE: The tool will inform you about the information that will be shared with us and you can decide wether to share it or not. Please review it and ask us any doubt you have if you do not agree with sharing some of the information.

Best regards,
Carlos R. Hernández

1 Like

Done … do i copy paste the hash here?

Hi,

Yes please, copy here the hash, on this way we can access to your logs in order to analyze the content.

Best regards,
Carlos R. Hernández

5621bec4-690d-5b98-ccaa-543ca21cedab

Hello @ricardol,

Thanks for sharing the hash. In order to get rid of that warning, you have to set the ServerName property to your domain in the /opt/bitnami/apache2/conf/httpd.conf file.

By default it is localhost:80, so you should change it to the following:

#
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
#
# If your host doesn't have a registered DNS name, enter its IP address here.
#
ServerName YOUR_DOMAIN:80

Change the placeholder YOUR_DOMAIN by your actual domain.

Also, remember to make a backup of the file before change any settings and also check that the syntax is correct with this command:

apachectl -t

Finally, restart your apache server.

sudo /opt/bitnami/ctlscript.sh restart apache

I hope it helps,
Tomas

1 Like

Ok … cool … should i change the port to 443? I do have an SSL Cert … or should it still listen on port 80?

And should it just be northtexasfirewalkers.org … no http(s}://

Hi @ricardol,

You need to edit the line as @tomasp mentioned, using port 80.

Additionally, it is worth mentioning that you also need valid certificates. In order to generate some sample certificates, you can must replace the certificates inside /opt/bitnami/apache2/conf. You can read this guide for creating new self-signed certificates: https://docs.bitnami.com/aws/apps/wordpress/#how-to-create-an-ssl-certificate

It is important that your new certificates refer to your hostname (e.g. “mydomain.com”), which is the domain/IP from which you’re accessing that instance.

Also, keep in mind that it is recommended for you to sign the certificates with a Certificate Authority (not to self-sign them, which is what the guide does), or you will be warned each time you access your site with SSL.

I’ve been running a Bitnami install without errors since Jan. and this error appeared today. Does the dummy certificate expire?
Thanks.

Hi @pixeldroid,

Maybe it is the same reason, but in order to make sure, we have a Support Tool that will gather relevant information for us to debug the issue. Could you please download and execute it on the machine where the stack is running by following the steps described in the guide below? You must click on the platform or cloud that you are using to find the correct instructions.

How to Run the Bitnami Support Tool

Please note that you need to paste the code outputted by the tool in your reply.

Best regards,
Carlos R. Hernández

Thanks Carlos. I re-installed Bitnami WordPress stack and it is working. Interestingly, it installed on Port 81. Perhaps something has been grabbing Port 80. Note that there was an issue when I uninstalled: I ran the uninstaller directly from the Bitnami install dir. That was probably a mistake because after it ran, I was unable to uninstall the Bitnami Wordpress Stack and Bitnami Xampp from the Windows Program Manager - it reported that it was unable to find them. I was able to uninstall those 2 using WiseCare.
Thanks for the followup,.

Hi,

Yes, if port 80 is in use, the application will be installed in port 81. About the uninstall issue, as part of the installation process, an uninstaller executable or script will be created in the installation directory. Uninstallation can be performed in graphical, text and unattended modes.

To begin the uninstallation process in graphical mode, double-click the uninstaller executable file and follow the steps shown, according to your description it seems that you follow this process, so the uninstallation should have worked correctly.

Best regards,
Carlos R. Hernández

On the uninstall: The directory was empty after I double-clicked the uninstaller executable file, but it left vestiges in “Programs and Features” which Windows could not remove. It is possible the vestiges were from a previous Bitnami install/uninstall, but I don’t think that is the case.

You might want to try an install of WP Stack and install an additional WP app using https://bitnami.com/redirect/to/214387/bitnami-wordpress-4.9.6-0-module-windows-installer.exe. Then uninstall using the uninstaller executable file and check ‘Programs and Features’ for Bitnami software.
Thanks.

Hi,

I am trying to reproduce the issue but in my case, the uninstallation works as expected. I tried using the Windows installer:

The link that you provide is a XAMP module (it is not the same than a windows installer). Do you really want to install a module or are you using the installer?

I also repeat the process through ‘Programs and Features’ and the uninstallation works fine. Possibly it is due to a conflict between different facilities or something like that. Thanks for reporting the problem, we will be vigilant if it happens to more users. At this moment, are you experiencing some kind of issue?

Best regards,
Carlos R. Hernández

Thanks for the followup. I am no longer experiencing any issues.

However, to verify: after installing the Bitnami WP Stack, if I want to add additional WP installs, I run
https://bitnami.com/redirect/to/214386/bitnami-wordpress-4.9.6-0-windows-installer.exe from withing the Bitnami directory?
Thanks.

Hi,

You can install another WordPress without problem, you should choose a new installation directory and a different port.
Also, you may want to take a look at WordPress multisite. WordPress Multisite is the same software that powers Wordpress.com, enabling administrators to host and manage multiple websites from the same WordPress instance:

Best regards,
Carlos R. Hernández