Cert for domain + subdomain


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: davefilchak.com / shop.davefilchak.com

Just so I am clear here: I can get a cert that covers both of these domains or do I need two?

Thanks
Dave


#2

You can use one certificate.

Let’s Encrypt certificates can have up to 100 names (from 1 to 100 domains).

Some ACME clients might make it easier or harder to arrange things in different ways.


#3

Cool. Thanks very much


#4

My host (A2 Hosting, who apparently support Let’s Encrypt) tells me they cannot install a cert for a domain and a subdominant, which they are calling a wildcard cert. Does this make sense? Can the cert just cover the sub Domain? Where do I find instructions for installing it myself?

Thanks
Dave


#5

Ah, I know these guys.

So you are using cPanel hosting?

If shop.davefilchak.com and davefilchak.com are separate virtual hosts in cPanel (for example, if the shop is a subdomain and davefilchak.com is your primary domain), then you just need to issue separate certificates for them.

That’s just how cPanel wants it.

You can do this by logging into cPanel and visiting “Lets Encrypt SSL”.


#6

Ah, I would be so happy if it was that easy. If you are saying that there should be a Let’s Encrypt icon in CPanel, I am sorry to say there is not. If there is not supposed be an icon/link, then are you saying I need to set up things in Let’s Encrypt and then take a token back to CPanel.


#7

Oh, my bad. I guess things have changed at A2 since last I checked in with them.

Ultimately it’s up to them - Let’s Encrypt is flexible for whatever arrangements you want, but A2 will have their own way of doing things and you’ll need to follow their lead.


#8

Well now what their saying, because I am on a managed VPS, They
can only install it on the main domain. But I suspect it is not a
technical thing … just a management thing because if I did not
have a managed setup I could do whatever I want. I do has SSH
access so I am thinking of giving it a go that way. Can you point
me to installation and config instructions?

Thanks for your input.

Dave


#9

:\

Well, your domains already have SSL certificates (even on the non-primary domain):

So that explanation seems unlikely.

Do you have root access to WHM?


#10

Well that surprises me! I did not bother checking that because I
did not install certs on this domain or sub domain. I did on
zukamusic.com but not on this domain. I do have root access to WHM
yes.


#11

Right, that makes it easy.

Just go to WHM→Manage AutoSSL and make sure that either “cPanel (powered by Comodo)” or “Let’s Encrypt” is selected. Doesn’t really matter which one, but Comodo’s is a bit more reliable on cPanel.

Further info:


#12

In fact, every domain I am hosting appears to be covered. Very
weird.


closed #13

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.