I’m looking for help/answers that i cannot find on the web or (for me understandable) in related topics.
I have a multi-domain magento store with 4 TLD’s , and want to enable SSL for all domains.
the domain name of my store is the same only the the country changes. All domains are hosted on the same IP.
www.thisismysite.COM (main magento install)
I’m on a vps with DirectAdmin which has the let’s encrypt certifficate possibility…
is it possible to use let’s encrypt / certbot for this setup, how to proceed?
can i use the SAN certificate or do i have to buy a not supported EV certificate?
under the main .com domain i have added 5 extra cname records for my transactional email handling…
over sendgrid… for example:
CNAME: transactional.thisismysite.com etc
do i need to include these in my certificate?
Many thanks for your help!
Let’s Encrypt certainly supports “SAN” or “UCC” certificates, you can put upto 100 names onto a single certificate (including your CNAMEs).
Depending on your DirectAdmin virtual host setup, you may or may not need to split these up across multiple certificates.
Have you tried issuing certificates for your domains using the Let’s Encrypt interface in DirectAdmin? You should be able to select the secondary domains for the certificate in the same place, such as in this screenshot:
Thanks for your qucik reply and screenshot.
I just looked into my directadmin and saw indeed the comlete list of underlying secondary domainnames.
under the main .com … 1 see 6 entries per domain
with 4 domains 1 have 24 entries how to deal with the maximum requests of 20 per week?
or does 1 request may obtain 24 entries?
Also when needing SAN (or UCC) which certificate type do i need to choose…?
where do i choose SAN or UCC (i am not on a microsoft exange server)
Many thanks for your help / for walking me true this!
The specific meaning of 20 certificate per week can be found here:
Issuing 1 cert with 24 names will only use up one token, with regard to that rate limit.
You do not need to specify UCC or SAN anywhere, they’re just “marketing names” that commercial CAs use for multi-domain certificates.
I think all you really need to do is just tick the secondary domains you want and include the main domain name for the certificate under “Common Name”.
For what it’s worth I would probably avoid adding useless names like
ftp. as they might be more trouble if they’re worth (each name has to individually complete the validation process).
Let us know how you go :).
okay that great…!
If I understand it correctly, it is best to only add the top level domains
which i currently use in my setup with www included such as:
i do not use the versions without www.
which resulst in 1 request with 4 items…
which key size and certificate is recommended?
the 4096 key with the SHA256 certificate…?
In which setup case do i need to split them up…?
Thanks for your advice
Ignore the splitting up suggestion I gave, I think DA does it for you by virtue of only showing the domains for the chosen virtual host.
Defaults should be fine for your key & cert.
Just did an ectra check on all the domain names with their IP addresses and luckily they are all the same…
I think you provided me with good solid info to proceed with the setup…
Many thanks for your efforts!
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.