Creating a wildcard SSL Certificate

Help
1

I need help in setting up a wildcard SSL certificate from letsencrpt, and I don't know where to start.

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

I need help in setting up a wildcard SSL certificate from letsencrpt, and I don't know where to start.

My domain is: madco lour.co m

I ran this command: I don't know

It produced this output: I don't know

My web server is (include version): I don't know

The operating system my web server runs on is (include version): removed, spam?

My hosting provider, if applicable, is: Transeo Media

I can login to a root shell on my machine (yes or no, or I don't know): I don't know

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

2

Unfortunately, there are too many "I don't know" answers in your post.

First thing to do probably is finding out the "root shell" and "control panel" answers. Usually, if you're on a shared hosting plan, you don't have root access. Conversely, if your website runs on a Virtual Private Server (VPS), you probably do have root shell access.

On shared hosting, you often only have the control panel for you to use, which often is very limited with regard to certificates.

Also note that for a wildcard certificate, you need to have access to the DNS zone of your domain. This makes wildcard certificates often much harder to implement than non-wildcard certificates. Why do you require a wildcard cert in the first place?

Also: what's cascadecro ssmedia.c o.u k for kind of operating system? Or are you just spamming? :slight_smile:

By the way, you already have gotten issued a wildcard certificate for mad colour.co m from Let's Encrypt a few weeks ago: crt.sh | 12301361946 and the certificate currently in use by your webserver from Google Trust Services is ALSO a wildcard..

So I'm pretty puzzled at the moment about the reason for your post.. I'm inclined more and more to "spam thread" currently. Could you explain more please?

3 Likes
3

We create web campaigns in eProductivity Software MarketDirect.

However there has been an issue with our SSL certificate, or lack of certificate recently. I contacted our hosting provider who are Transeo Media. They forwarded me to Letsencrpt, to create a Wildcard SSL certificate with no help whatsoever.

I wasnt't even aware we had a Wildcard certificate for Mad Colour. If that is the case, why are my hosting provider saying we need one. This is where I am confused.

4

What "issue" exactly?

That's a very good question you need to ask your hosting provider.

3 Likes
5

Update: Contacted our hosting provider.

Our domain is https://cascadecrossmedia.co.uk.

So for an example, https://cascadecrossmedia.co.uk/MADCreditApp. We would like this to point to credit.madcolour.com or something similar.

Completely new to this so don't fully understand this.

6

I don't understand those sentences at all. Was that the word for word answer by your hosting provider? What was your exact question to them? Is cascadecr ossmedia.c o.u k YOUR domain or the domain from your hosting provider? Where does the /MADCreditApp suddenly come from?

Still sounds a little bit spammy to me to be honest, but might be paranoid here.

3 Likes
7

I agree with your findings, @Osiris. It appears that @declanmad possesses the necessary wildcard certificate for madcolour.com, so perhaps this is more a question about configuring reverse-proxying so that credit.madcolour.com returns the content from cascadecrossmedia.co.uk/MADCreditApp?

This would likely require either webserver configuration (e.g. Nginx, Apache) or CDN configuration (e.g. Cloudflare, AWS Cloud Front, Azure Front Door).

4 Likes
8

And is not really Let's Encrypt/TLS related.

3 Likes
9

Agreed. I mean, configuring certs for reverse-proxy is something we've handled here on many occasions, of course, but outright reverse-proxy setup is a bridge beyond basic certificate issuance and installation.

4 Likes
10

Not sure if a reverse proxy is even necessary. "Point to" might also mean a simple HTTP redirect :man_shrugging:t2: I dunno, way too little information for a proper guess currently.

2 Likes
11

I surmise (from my previous employment) that this is a "masking" / "branding" situation where the target domain name with custom subdomain is the desired "brand". We shall see.

4 Likes
12

There is also the matter of:

Name:      madcolour[.]com
Addresses: 2606:4700:3033::6815:44d6
           2606:4700:3032::ac43:c6f3
           104.21.68.214
           172.67.198.243

CloudFlare?

4 Likes
13

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.