During some free time on my wonderful vacation to Denver last week, I noticed an error with the SSL certificate on my company's website. Being the company's Information Systems & Security Manager, I should have noticed this earlier.

Low and behold there was an error right on my phone screen....

Now that I think about it, I may have heard about it from one of our member's Managed Service Provider in an email not too long ago after I told the member that their SPF record was incorrect and their emails were not being delivered successfully. That is another story...

So what really was the issue?

As you can see in the picture above, the warning I received was that the certificate did not match the URL.

So let's take a look at the certificate in more detail...

The certificate was issued to "www.frostyacres.com".

But that looks correct, right?

In a sense, it does. However, the first image was making a request to "frostyacres.com" and not "www.frostyacres.com". The browser is looking for the certificate for "frostyacres.com".

So how do you fix it?

To fix this issue, you must go back and have a cert reissued for "frostyacres.com" with "www.frostyacres.com" as a Certificate Subject Alternative Name.

I should have known this because this is how my SSL certificate is configured on my personal website brandonscloud.com.

The certificate for my personal website is issued to brandonscloud.com and has brandonscloud.com as an Alternative Name

Since we used a free SSL certificate from LetsEncrpty and our web server is running on a common Linux distribution, I had to run several terminal commands to get Certbot to reissue the certificate. Certbot is a free, open-source software tool for automatically using Let’s Encrypt certificates on manually-administrated websites to enable HTTPS.

Several commands later, I had a valid certificate.

However, I did manage to break a few things but had my web developer next to me and we quickly got the website back online within a few minutes.

The new certificate looks good and we shouldn't see any issues.

I hope you enjoyed the read. Please feel free to leave any comments.