Entrust Datacard

Entrust Certificate Services Support Knowledge Base

Last Modified: 2016-07-05 16:22:14.0

Why do I receive the Error: "RSA server certificate CommonName (CN) 'www.domain.com' does NOT match server name"?

Article Number: 45738

You may receive the following error when starting up Apache

Error: "RSA server certificate CommonName (CN) 'www.domain.com' does NOT match server name"
This will occur if port 443 was added to both the ServerName and VirtualHost directives and if the Server Name does not match the domain name on the certificate. To resolve this please remove :443 from the servername.

<VirtualHost 192.204.135.134:443>
ServerName www.domain.com:443
DocumentRoot /home/directory/html
SSLEnable
SSLCertificateFile /www.domain.crt
SSLCertificateKeyFile /www.domain.key
</VirtualHost>


The VirtualHost example below is the correct method of using an SSL enabled VHost.  As you can see :443 has been removed from the ServerName parameter.

<VirtualHost 192.204.135.134:443>
ServerName www.domain.com
DocumentRoot /home/directory/html
SSLEnable
SSLCertificateFile /www.domain.crt
SSLCertificateKeyFile /www.domain.key
</VirtualHost>

TN6559

Affected Products:

  • Entrust Certificate Services 1 Year Advantage SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 1 Year SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 2 Year Advantage SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 2 Year SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Cert Admin Advantage Server Certificate 1 Year Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Cert Admin Advantage Server Certificate 2 Year Version Not Applicable Language Not Applicable Platform Not Applicable