Let'sEncrypt certificate overwrite between subdomains. #613
Description
I cannot create a wildcard certificate because DNS API doesn't support it.
So, I have created a certificate for individual subdomains.
commands:
wo site update sub1.domain.com -le
wo site update sub2.domain.com -le
OS: Ubuntu 20.04.6
WordOps: v3.16.3
WAF: Sucuri (Only main domain).
All subdomains use the Sucuri DNS service only.
After creating the certificate when I opened sub2.domain.com it showed the sub1.domain.com certificate and got error Mismatch certificate error.
I check both subdomain's let'sencrypt "fullchain.pem" file and they are different and paths are properly set in ssl.conf for each subdomain.
Couldn't find out what causes this issue?
System Information
-
lsb_release -a
Ubuntu 20.04.6 -
wo info
NGINX (1.24.0 ):
user www-data
worker_processes auto
worker_connections 50000
keepalive_timeout 8
fastcgi_read_timeout 300
client_max_body_size 100m
allow 127.0.0.1 ::1 192.88.134.0/23 185.93.228.0/22 66.248.200.0/22 208.109.0.0/22 2a02:fe80::/29
PHP (7.2.34-38):
user
expose_php Off
memory_limit 128M
post_max_size 100M
upload_max_filesize 100M
max_execution_time 300
Information about www.conf
ping.path /ping
pm.status_path /status
process_manager ondemand
pm.max_requests 1500
pm.max_children 50
pm.start_servers 10
pm.min_spare_servers 5
pm.max_spare_servers 15
request_terminate_timeout 300
xdebug.profiler_enable_trigger off
listen php72-fpm.sock
Information about debug.conf
ping.path /ping
pm.status_path /status
process_manager ondemand
pm.max_requests 1500
pm.max_children 50
pm.start_servers 10
pm.min_spare_servers 5
pm.max_spare_servers 15
request_terminate_timeout 300
xdebug.profiler_enable_trigger on
listen 127.0.0.1:9172
PHP (7.3.33-10):
user
expose_php Off
memory_limit 128M
post_max_size 100M
upload_max_filesize 100M
max_execution_time 300
Information about www.conf
ping.path /ping
pm.status_path /status
process_manager ondemand
pm.max_requests 1500
pm.max_children 50
pm.start_servers 10
pm.min_spare_servers 5
pm.max_spare_servers 15
request_terminate_timeout 300
xdebug.profiler_enable_trigger off
listen php73-fpm.sock
Information about debug.conf
ping.path /ping
pm.status_path /status
process_manager ondemand
pm.max_requests 1500
pm.max_children 50
pm.start_servers 10
pm.min_spare_servers 5
pm.max_spare_servers 15
request_terminate_timeout 300
xdebug.profiler_enable_trigger on
listen 127.0.0.1:9173
PHP (7.4.33):
user
expose_php Off
memory_limit 128M
post_max_size 100M
upload_max_filesize 100M
max_execution_time 300
Information about www.conf
ping.path /ping
pm.status_path /status
process_manager ondemand
pm.max_requests 1500
pm.max_children 50
pm.start_servers 10
pm.min_spare_servers 5
pm.max_spare_servers 15
request_terminate_timeout 300
xdebug.profiler_enable_trigger off
listen php74-fpm.sock
Information about debug.conf
ping.path /ping
pm.status_path /status
process_manager ondemand
pm.max_requests 1500
pm.max_children 50
pm.start_servers 10
pm.min_spare_servers 5
pm.max_spare_servers 15
request_terminate_timeout 300
xdebug.profiler_enable_trigger on
listen 127.0.0.1:9174
PHP (8.1.18):
user
expose_php Off
memory_limit 128M
post_max_size 100M
upload_max_filesize 100M
max_execution_time 300
Information about www.conf
ping.path /ping
pm.status_path /status
process_manager ondemand
pm.max_requests 1500
pm.max_children 50
pm.start_servers 10
pm.min_spare_servers 5
pm.max_spare_servers 15
request_terminate_timeout 300
xdebug.profiler_enable_trigger off
listen php81-fpm.sock
Information about debug.conf
ping.path /ping
pm.status_path /status
process_manager ondemand
pm.max_requests 1500
pm.max_children 50
pm.start_servers 10
pm.min_spare_servers 5
pm.max_spare_servers 15
request_terminate_timeout 300
xdebug.profiler_enable_trigger on
listen 127.0.0.1:9181
PHP (8.2.6):
user
expose_php Off
memory_limit 3000M
post_max_size 100M
upload_max_filesize 100M
max_execution_time 300
Information about www.conf
ping.path /ping
pm.status_path /status
process_manager ondemand
pm.max_requests 1500
pm.max_children 50
pm.start_servers 10
pm.min_spare_servers 5
pm.max_spare_servers 15
request_terminate_timeout 300
xdebug.profiler_enable_trigger off
listen php82-fpm.sock
Information about debug.conf
ping.path /ping
pm.status_path /status
process_manager ondemand
pm.max_requests 1500
pm.max_children 50
pm.start_servers 10
pm.min_spare_servers 5
pm.max_spare_servers 15
request_terminate_timeout 300
xdebug.profiler_enable_trigger on
listen 127.0.0.1:9182
MySQL (10.5.20-MariaDB) on localhost:
port 3306
wait_timeout 60
interactive_timeout 28800
max_used_connections 56
datadir /var/lib/mysql/
socket /var/run/mysqld/mysqld.sock
my.cnf [PATH] /etc/mysql/conf.d/my.cnf
-
nginx -V
nginx version: nginx/1.24.0 (WordOps Nginx-wo)
built with OpenSSL 1.1.1f 31 Mar 2020
TLS SNI support enabled
configure arguments: --with-cc-opt='-g -O2 -fdebug-prefix-map=/build/nginx-bNEOJT/nginx-1.24.0=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -flto -ffat-lto-objects -Wdate-time -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro -fPIC -flto -ffat-lto-objects' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --build='WordOps Nginx-wo' --with-debug --with-pcre-jit --with-file-aio --with-threads --with-http_ssl_module --with-http_v2_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-openssl-opt='zlib enable-ec_nistp_64_gcc_128 enable-tls1_3 no-ssl3-method -fPIC' --with-http_addition_module --with-http_geoip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_sub_module --with-http_xslt_module --without-http_memcached_module --add-module=/build/nginx-bNEOJT/nginx-1.24.0/debian/modules/headers-more-nginx-module --add-module=/build/nginx-bNEOJT/nginx-1.24.0/debian/modules/nginx-auth-pam --add-module=/build/nginx-bNEOJT/nginx-1.24.0/debian/modules/nginx-cache-purge --add-module=/build/nginx-bNEOJT/nginx-1.24.0/debian/modules/nginx-echo --add-module=/build/nginx-bNEOJT/nginx-1.24.0/debian/modules/nginx-upstream-fair --add-module=/build/nginx-bNEOJT/nginx-1.24.0/debian/modules/ngx_http_substitutions_filter_module --add-module=/build/nginx-bNEOJT/nginx-1.24.0/debian/modules/memc-nginx-module --add-module=/build/nginx-bNEOJT/nginx-1.24.0/debian/modules/srcache-nginx-module --add-module=/build/nginx-bNEOJT/nginx-1.24.0/debian/modules/HttpRedisModule --add-module=/build/nginx-bNEOJT/nginx-1.24.0/debian/modules/redis2-nginx-module --add-module=/build/nginx-bNEOJT/nginx-1.24.0/debian/modules/ngx_devel_kit --add-module=/build/nginx-bNEOJT/nginx-1.24.0/debian/modules/set-misc-nginx-module --add-module=/build/nginx-bNEOJT/nginx-1.24.0/debian/modules/nginx-module-vts --add-module=/build/nginx-bNEOJT/nginx-1.24.0/debian/modules/ngx_brotli -
wo -v
WordOps v3.16.3 -
wp cli info --allow-root
OS: Linux 5.4.0-169-generic WordOps v3.10.0 #187-Ubuntu SMP Thu Nov 23 14:52:28 UTC 2023 x86_64
Shell: /bin/bash
PHP binary: /usr/bin/php8.2
PHP version: 8.2.6
php.ini used: /etc/php/8.2/cli/php.ini
MySQL binary: /usr/bin/mysql
MySQL version: mysql Ver 15.1 Distrib 10.5.20-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2
SQL modes: STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
WP-CLI root dir: phar://wp-cli.phar/vendor/wp-cli/wp-cli
WP-CLI vendor dir: phar://wp-cli.phar/vendor
WP_CLI phar path: /home/ubuntu
WP-CLI packages dir:
WP-CLI cache dir: /root/.wp-cli/cache
WP-CLI global config:
WP-CLI project config:
WP-CLI version: 2.7.1 -
curl -sL git.io/fjAp3 | sudo -E bash -
Here the link to provide in your github issue : https://transfer.vtbox.net/pKRNLe/wordops.txt