Add a subdomain

Hi,

I did install certbot and it works perfectly. For now I have:

If tomorrow I want :

do I need to do something or the certificate is valid for any subdomain that is links with my domain ?? I don't want to make any mistake and break what is already works.

Also anyone know how I can add the "www" ? Because for now if I try to access to my website with "https://www.mydomain.fr/portofolio" I have a warning.

Thanks :slight_smile:

1 Like

If you didn't create a wildcard certificate, it's not valid for random subdomains, no.

You should add those subdomains to your certificate.

Re-issue your certificate, but also include the www subdomain.

1 Like

No I didn't. I've just followed the documentation (Certbot - Ubuntufocal Apache)

I believe to add a wildcard I'll have to follow that tutorial : Issue Let's Encrypt Wildcard Certificate using Certbot - Interserver Tips

Would you mind to confirm it please ?

Thank you

1 Like

The official Certbot - Ubuntufocal Apache guide you linked yourself above has a "Wildcard" tab, next to the tab "default" which shows the non-wildcard instructions. I recommend looking at that first before using $random_guides from the internet: while probably well-meant, the quality of $random_guide_from_the_internet varies from pretty good to straight bad.

1 Like

Yes thank you you're right I haven't seen the tab.

So I made the wildcard certificate + one for "domain.fr" because "*.domain.fr" doesn't cover "domain.fr" (I say it in case someone is in the same situation than me because as a beginner it is not obvious).

Now everything is working except for the subdmains with "www" like "https://www.subdomain.mydomain.fr".

Unfortunately there is no error message. Just a warning that saying the connexion may not be safe.

  Certificate Name: mydomain.fr
    Serial Number: 3b4c63ca1f8ab5eam91d7dc8835d50f98a6
    Key Type: RSA
    Domains: *.mydomain.fr mydomain.fr
    Expiry Date: 2021-08-10 20:32:47+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/mydomain.fr/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/mydomain.fr/privkey.pem

I don't understand why "https://www.mydomain.fr" works without needed to add a certificate for it and "https://www.subdomain.mydomain.fr" doesn't.

1 Like

Because a wildcard is only valid for a single DNS label.

Please read some novice documentation such as the Let's Encrypt Glossary entry for wildcard certificates: Glossary - Let's Encrypt

Note that a double wildcard cert (e.g. *.*.example.com) is not valid.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.