Editing a current SSL certificate?

Help
1

My domain is: online-lmc.com

My customer wants to forward his secured subdomain at ncsuniversity.com to our secured sub domain at online-lmc.com. In other words, https://sub1.ncsuniversity.com forwards to https://sub2.online-lmc.com. The CNAME forward sends a Page 403 error. He can forward non secured http://sub1.ncsuniversity.com forwards to https://sub2.online-lmc.com.

Can we edit our SSL certifcate and add his domain as a wildcard or alias so he can submit the secured foward?

If so, any help on how to edit a certificate would be very appreciated.

2

Certificates cannot be "edited" per se, as that would violate the existing signature. But it's very much possible to request a new certificate which would include the hostnames of the previous certificate and have a few more added. Let's Encrypt certificates can contain up to 100 hostnames.

3

That's excellent information, thank you very much. Off to my programmer now!!

4

CNAMEs have nothing to do with protocols/ports - Like: HTTP and HTTPS.
So, they could use DNS to CNAME
Their FQDN [sub1.ncsuniversity.com]
to your FQDN [sub2.online-lmc.com]
But in order to get HTTPS://sub1.ncsuniversity.com/ to work.
The final IP [your server] would have to present a certificate that covers the name being requested:
sub1.ncsuniversity.com
Which, once the CNAME is in place, is a simple HTTP-01 authentication request and new cert issuance.

Otherwise, they would have to proxy:
from: https://sub1.ncuniversity.com/ [using one of their servers (with that cert)]
to: https://sub2.online-lmc.com

5

Rudy, thanks as well for this valuable information.

My technician does not like this sort of challenge, would someone like to be hired to assist me?

6

Hello @pkmyta :slightly_smiling_face:

For each in online-lmc.com, ncsuniversity.com, sub1.ncsuniversity.com, sub2.online-lmc.com, etc.

Please fill out the fields below so we can help you better, if applicable.

  • The domain name is:

  • My web server is (include version):

  • The operating system my web server runs on is (include version):

  • The authoritative DNS Name Servers:

  • My hosting provider, if applicable, is:

  • I can login to a root shell on my machine (yes or no, or I don't know):

  • I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

  • The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Then if you can list out the name mappings.

7

I see Godaddy is involved, please read and all its links:

image
image900×823 22.5 KB

8

"Will work for :beer:"

9

Some supplemental quick information on the 2 domain names:

image
image1059×591 9.06 KB

image
image1053×399 5.6 KB

image
image1150×962 20.5 KB

image
image1156×960 20.6 KB 

$ curl -Ii http://online-lmc.com/
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Location: https://online-lmc.com/
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/7.1.29
Set-Cookie: _learn_press_session_a8d8156af8ed1f3c5dfaad99e685c917=8f94ceae83cdebc6a7b8a0d701628c7b%7C%7C1676770146%7C%7C02061f23fc42e06202650cf52f04d0ba; expires=Sun, 19-Feb-2023 01:29:06 GMT; Max-Age=172797; path=/; secure
Set-Cookie: _wordpress_lp_guest=f29e883e9dad50ad0c25f46ddf485395; expires=Fri, 17-Feb-2023 02:29:09 GMT; Max-Age=3600; path=/; secure
X-Redirect-By: WordPress
X-Powered-By: ASP.NET
Date: Fri, 17 Feb 2023 01:29:09 GMT

$ curl -Ii https://online-lmc.com/
HTTP/2 200
content-length: 0
content-type: text/html; charset=UTF-8
last-modified: Thu, 16 Feb 2023 16:16:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.1.29
x-powered-by: ASP.NET
date: Fri, 17 Feb 2023 01:29:16 GMT
10

This sounds exactly like the type of setup that Cloudflare for SaaS is designed for.