February 16, 2023, 4:11pm
My domain is:
My customer wants to forward his secured subdomain at
ncsuniversity.com to our secured sub domain at online-lmc.com. In other words, https://sub1.ncsuniversity.com forwards to https://sub2.online-lmc.com. The CNAME forward sends a Page 403 error. He can forward non secured http: //sub1.ncsuniversity.com forwards to https://sub2.online-lmc.com.
Can we edit our SSL certifcate and add his domain as a wildcard or alias so he can submit the secured foward?
If so, any help on how to edit a certificate would be very appreciated.
February 16, 2023, 4:42pm
Certificates cannot be "edited" per se, as that would violate the existing signature. But it's very much possible to request a
new certificate which would include the hostnames of the previous certificate and have a few more added. Let's Encrypt certificates can contain up to 100 hostnames.
February 16, 2023, 5:41pm
That's excellent information, thank you very much. Off to my programmer now!!
February 16, 2023, 10:14pm
CNAMEs have nothing to do with protocols/ports - Like: HTTP and HTTPS.
So, they could use DNS to CNAME
Their FQDN [
to your FQDN [
But in order to get HTTPS://sub1.ncsuniversity.com/ to work.
The final IP [your server] would have to present a certificate that covers the name being requested:
Which, once the CNAME is in place, is a simple
HTTP-01 authentication request and new cert issuance.
Otherwise, they would have to proxy:
https://sub1.ncuniversity.com/ [using one of their servers (with that cert)]
February 17, 2023, 12:20am
Rudy, thanks as well for this valuable information.
My technician does not like this sort of challenge, would someone like to be hired to assist me?
For each in
online-lmc.com, ncsuniversity.com, sub1.ncsuniversity.com, sub2.online-lmc.com, etc.
Please fill out the fields below so we can help you better, if applicable.
The domain name is:
My web server is (include version):
The operating system my web server runs on is (include version):
The authoritative DNS Name Servers:
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot):
Then if you can list out the name mappings.
I see Godaddy is involved, please read and all its links:
Some supplemental quick information on the 2 domain names:
$ curl -Ii http://online-lmc.com/
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Set-Cookie: _learn_press_session_a8d8156af8ed1f3c5dfaad99e685c917=8f94ceae83cdebc6a7b8a0d701628c7b%7C%7C1676770146%7C%7C02061f23fc42e06202650cf52f04d0ba; expires=Sun, 19-Feb-2023 01:29:06 GMT; Max-Age=172797; path=/; secure
Set-Cookie: _wordpress_lp_guest=f29e883e9dad50ad0c25f46ddf485395; expires=Fri, 17-Feb-2023 02:29:09 GMT; Max-Age=3600; path=/; secure
Date: Fri, 17 Feb 2023 01:29:09 GMT
$ curl -Ii https://online-lmc.com/
content-type: text/html; charset=UTF-8
last-modified: Thu, 16 Feb 2023 16:16:51 GMT
date: Fri, 17 Feb 2023 01:29:16 GMT
February 17, 2023, 2:11am
This sounds exactly like the type of setup that Cloudflare for SaaS is designed for.
March 19, 2023, 2:12am
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.