Please fill out the fields below so we can help you better.
My domain is:host-thirty.com
I ran this command:
It produced this output:
My web server is (include version):Apache 2.4 ¨Nginx
The operating system my web server runs on is (include version):Centos
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):Plesk Onyx
I use Letsencrypt for my domain host-thirty.com The certificate also protect the www sub. But we use another one for the mail. mail.host-thirty.com How can we protect that sub also with the same certificate
Do all three names go to the same system?
They return different IPs:
The first two seem to be on CloudFlare and provide IPv6 addresses (which may introduce some complexity)
An LE cert was issued 5 days ago covering:
Did that not solve this problem?
Ipv6 is not used. The third subis mail.host-thirty.com and goes to the same IP and is not protected by cloudflare because them mail will not work. It only use the cloudflare dns
No it does not cover mail.host-thirty.com
So, if all three names go to the same system, then it should be straight forward (as if CloudFlare wasn’t even there).
Does the mail system already have a cert?
The mail server is protected by host-thirty.com cert. But because I must use mail.host-thirty.com as in and outgoing server I always get the Should you use this cert question
Well you managed to get 3 names on the existing cert:
Why can’t you just add a 4th name?
Probably that the PLESK api for Letsencrypt let me add a domain name and a www sub. Then you can set which cert that should protect the mail server. But it only protect the mailserver as host-thirty.com not as mail.host-thirty.com
host-thirty.com I cant use because it is proxied by cloudflare and will not work as mailserver setting.
The solution seems to be to either stop using cloudflare or stop using Letsencrypt and buy a wildcard cert instead
If you can solve it with a wildcard cert, then you should be able to solve it with a 4 named (SAN) cert.
Can’t you just add all the names?
I have no clue how to do it even if I am aware of SAN
You managed to do 3 SANs on one cert.
Just add one more name to that list in your procedure.
I think we stop this discussion, because as I said the API do that it self
I will use a wildcard cert to sol the problem.
Maybe someone else will read this thread and have more input.
US eastern time zone will be daylight soon.
Please understand that I don’t work for Let’s Encrypt nor for Plesk.
I’m just a community member…
Trying to help out.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.