Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
N
N
NameForYou2018-12-12 06:48:16
Apache HTTP Server
NameForYou, 2018-12-12 06:48:16

Why is the old SSL certificate displayed in the browser?

For the test, I installed a Let's Encrypt certificate. I decided to buy a paid one from Comodo, demolished all the files from the old one, uploaded everything from the new one, double-checked it 10 times.
The config is as follows:

<VirtualHost domain.com:80>
   ServerName domain.com
   Redirect / https://domain.com
</VirtualHost>

<IfModule mod_ssl.c>
   Listen 443
<VirtualHost domain.com:443>
   ServerName domain.com
   DocumentRoot /var/www/html
   SSLEngine on
   SSLCertificateFile	/etc/apache2/ssl/domain_com.crt
   SSLCertificateKeyFile /etc/apache2/ssl/privateKey.key
   SSLCertificateChainFile /etc/apache2/ssl/domain_com.ca-bundle
   #SSLCACertificateFile /etc/apache2/ssl/domain_com.ca-bundle
   ErrorLog ${APACHE_LOG_DIR}/error.log
   CustomLog ${APACHE_LOG_DIR}/access.log combined
   CustomLog ${APACHE_LOG_DIR}/ssl.log "%a \"%{SSL_PROTOCOL}x\""
   ErrorLog /var/log/apache2/ssl_engine.log
    LogLevel debug

<Directory "/var/www/html">
   AllowOverride All
   allow from all
   Options +Indexes
</Directory> 

</VirtualHost>

Restarted the server about fifty times, rebooted iron.
Through commands (external ip, domain, localhost):
openssl s_client -connect 1.1.1.1:443 -showcerts
openssl s_client -connect domain.com:443 -showcerts
openssl s_client -connect localhost:443 -showcerts

Shows the required certificate from Comodo, tracing in the logs also indicates the correct path to the files and the correct certificate. And in the browser, even if you crack, it shows the old Let's Encrypt. I tried Firefox, Chrome, Opera, Ya Browser, Microsoft Edge, in incognito, with clearing the cache - the old certificate is everywhere. I can't figure out where it comes from?
If you change the port in the apache2 settings and enter it with a different port in the address bar, for example domain.com:4433, then the new certificate works, if you return the default port 443, then Let's Encrypt again appears out of nowhere.
Help someone, I'm tormented!)
Server on Ubuntu 16.04, nginx never stood, only apache2

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
S
sanglyb, 2018-12-21
@sanglyb

Add www.domain.com to servername - you are referring to it. When receiving the certificate, the subdomain www?

Similar questions
A
Arx7772015-12-25 15:54:31
Trouble setting up symfony 2.7 and 3.0 (same issue). Is there any other solution? 2Reply
S
Sergey Bard2018-05-07 10:55:17
How to reset the cache? 0Reply
P
Petr Volkhanov2018-05-09 14:57:56
Why do many pages give a 404 error after turning on the CNC? 2Reply
A
Andrewww2012-12-20 10:48:11
What to read about HTTP and SNMP 2Reply
H
herfleisch2012-12-23 14:00:03
File upload to server in PHP 7Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question