Beginner question about 2 machines and wildcard cert


this is just some questions to plan ahead. it doesn’t involve a real scenario (yet)

Let's say I have 2 devices: 1 complex web server with email, dns and everything and 1 simpler webserver with just web

of course I want both to offer secure services, so both should have certificates

my question is: could i get a wildcard * certificate for the main server and then another cert for the simpler one like ?

also: can i acquire both using the same email (the webserver LE creation page on my control panel asks for a register email)

thank you.

Yes* and Yes*.
The email address used is only for notifications.

[note*: wildcard certs require DNS authentication and obtaining any cert will require some form of authentication/domain validation]

thx. little followup question:
the DNS record must always stay (for renews??) or can it be deleted after getting the cert?

It can be deleted immediately after getting the cert, but you will be required to create a new one (with different contents) every time the certificate is renewed. It’s best to automate this using a DNS API.

wait, so even if i leave the original DNS entry there, i will have to make a new one on every renewal? every 90 days?

i just hope that plesk does this out of the box, otherwise i’m not really interested anymore :wink:

Yes, the original DNS entry is no longer useful for any purpose after it's been used, but a new one is always required to confirm your continued control over the domain name.

It looks like it can do it for you if Plesk is already set up to manage DNS for the domain:

or apparently in a newer version of Plesk:

i have onyx, not obsidian.
but i didn’t know about that “ssl-it” extension and it exists/works for onyx.

will check that out, thx.

