Editing a current SSL certificate?

My domain is: online-lmc.com

My customer wants to forward his secured subdomain at ncsuniversity.com to our secured sub domain at online-lmc.com. In other words, https://sub1.ncsuniversity.com forwards to https://sub2.online-lmc.com. The CNAME forward sends a Page 403 error. He can forward non secured http://sub1.ncsuniversity.com forwards to https://sub2.online-lmc.com.

Can we edit our SSL certifcate and add his domain as a wildcard or alias so he can submit the secured foward?

If so, any help on how to edit a certificate would be very appreciated.

Certificates cannot be "edited" per se, as that would violate the existing signature. But it's very much possible to request a new certificate which would include the hostnames of the previous certificate and have a few more added. Let's Encrypt certificates can contain up to 100 hostnames.


That's excellent information, thank you very much. Off to my programmer now!!

CNAMEs have nothing to do with protocols/ports - Like: HTTP and HTTPS.
So, they could use DNS to CNAME
Their FQDN [sub1.ncsuniversity.com]
to your FQDN [sub2.online-lmc.com]
But in order to get HTTPS://sub1.ncsuniversity.com/ to work.
The final IP [your server] would have to present a certificate that covers the name being requested:
Which, once the CNAME is in place, is a simple HTTP-01 authentication request and new cert issuance.

Otherwise, they would have to proxy:
from: https://sub1.ncuniversity.com/ [using one of their servers (with that cert)]
to: https://sub2.online-lmc.com


Rudy, thanks as well for this valuable information.

My technician does not like this sort of challenge, would someone like to be hired to assist me?


Hello @pkmyta :slightly_smiling_face:

For each in online-lmc.com, ncsuniversity.com, sub1.ncsuniversity.com, sub2.online-lmc.com, etc.

Please fill out the fields below so we can help you better, if applicable.

  • The domain name is:

  • My web server is (include version):

  • The operating system my web server runs on is (include version):

  • The authoritative DNS Name Servers:

  • My hosting provider, if applicable, is:

  • I can login to a root shell on my machine (yes or no, or I don't know):

  • I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

  • The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Then if you can list out the name mappings.


I see Godaddy is involved, please read and all its links:


"Will work for :beer:"


Some supplemental quick information on the 2 domain names:

$ curl -Ii http://online-lmc.com/
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Location: https://online-lmc.com/
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/7.1.29
Set-Cookie: _learn_press_session_a8d8156af8ed1f3c5dfaad99e685c917=8f94ceae83cdebc6a7b8a0d701628c7b%7C%7C1676770146%7C%7C02061f23fc42e06202650cf52f04d0ba; expires=Sun, 19-Feb-2023 01:29:06 GMT; Max-Age=172797; path=/; secure
Set-Cookie: _wordpress_lp_guest=f29e883e9dad50ad0c25f46ddf485395; expires=Fri, 17-Feb-2023 02:29:09 GMT; Max-Age=3600; path=/; secure
X-Redirect-By: WordPress
X-Powered-By: ASP.NET
Date: Fri, 17 Feb 2023 01:29:09 GMT
$ curl -Ii https://online-lmc.com/
HTTP/2 200
content-length: 0
content-type: text/html; charset=UTF-8
last-modified: Thu, 16 Feb 2023 16:16:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.1.29
x-powered-by: ASP.NET
date: Fri, 17 Feb 2023 01:29:16 GMT


This sounds exactly like the type of setup that Cloudflare for SaaS is designed for.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.