SSL:WARN Server certificate does NOT include an ID

Hello,

I am getting this error with every server restart

[Tue Sep 22 05:36:10.620711 2020] [mpm_event:notice] [pid 771:tid 140519184137280] AH00493: SIGUSR1 received. Doing graceful restart
AH00558: apache2: Could not reliably determine the server’s fully qualified domain name, using ADMIN.DOMAIN. Set the ‘ServerName’ directive globally to suppress this message
[Tue Sep 22 05:36:10.738062 2020] [ssl:warn] [pid 771:tid 140519184137280] AH01909: IP.ADDRESSES.(1):443:0 server certificate does NOT include an ID which matches the server name
[Tue Sep 22 05:36:10.738442 2020] [ssl:warn] [pid 771:tid 140519184137280] AH01909: IP.ADDRESSES.(2):443:0 server certificate does NOT include an ID which matches the server name
[Tue Sep 22 05:36:10.738871 2020] [mpm_event:notice] [pid 771:tid 140519184137280] AH00489: Apache/2.4.46 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1g configured – resuming normal operations
[Tue Sep 22 05:36:10.738887 2020] [core:notice] [pid 771:tid 140519184137280] AH00094: Command line: ‘/usr/sbin/apache2’

This is the config file located at /etc/apache2/conf.d/PUBLIC-IP.conf

Also this is the config file located at /etc/apache2/apache2.conf

I’m getting this when I run “systemctl status apache2.service” :

Can you please assist me fix the problem.

Thank you

there is no fix.

it literally says there is no (domain-)name in the cert that matches your servername … you are using an IP instead of a domain as servername.
because certificates can’t be issued properly to just IPs you’ll have to live with the warning as is :wink:

1 Like

Hello,

Thank you for your support falzo.

How can I use a domain as servername?

  1. When dealing with Apache problems first thing to do is : sudo apachectl configtest and sudo systemctl status apache2.service
  2. check hostname of your box, type : hostname or hostnamectl
    whats the output of that?
    if you get DNS name like mail.yourdomain.com or something similar you have to add line to
    the end of /etc/apache2/apache2.conf :
    ServerName mail.yourdomain.com
    or you can create file fqdn.conf in /etc/apache2/conf.d/
    and put the same line there:
    ServerName mail.yourdomain.com
  3. sudo apachectl configtest
  4. sudo systemctl restart apache2.service
1 Like

Thanks parzival, This error has been fixed

AH00558: apache2: Could not reliably determine the server’s fully qualified domain name, using ADMIN.DOMAIN. Set the ‘ServerName’ directive globally to suppress this message

But I am still getting the other errors.

[ssl:warn] [pid 771:tid 140519184137280] AH01909: IP.ADDRESSES.(1):443:0 server certificate does NOT include an ID which matches the server name
[ssl:warn] [pid 771:tid 140519184137280] AH01909: IP.ADDRESSES.(2):443:0 server certificate does NOT include an ID which matches the server name

I appreciate you support.

No problem :smiley:
Can you renew the certificate?

Thank you for your support parzival.

Its as falzo said

Its not possible …