Multi domain magento how to ssl?

Hello,

I’m looking for help/answers that i cannot find on the web or (for me understandable) in related topics.

I have a multi-domain magento store with 4 TLD’s , and want to enable SSL for all domains.
the domain name of my store is the same only the the country changes. All domains are hosted on the same IP.

www.thisismysite.COM (main magento install)
www.thisismysite.DE
www.thisismysite.NL
www.thisismysite.BE

I’m on a vps with DirectAdmin which has the let’s encrypt certifficate possibility…
is it possible to use let’s encrypt / certbot for this setup, how to proceed?
can i use the SAN certificate or do i have to buy a not supported EV certificate?

Also:
under the main .com domain i have added 5 extra cname records for my transactional email handling…
over sendgrid… for example:
CNAME: links.thisismysite.com
CNAME: transactional.thisismysite.com etc

do i need to include these in my certificate?

Many thanks for your help!

best

Arn

Hello,

Let’s Encrypt certainly supports “SAN” or “UCC” certificates, you can put upto 100 names onto a single certificate (including your CNAMEs).

Depending on your DirectAdmin virtual host setup, you may or may not need to split these up across multiple certificates.

Have you tried issuing certificates for your domains using the Let’s Encrypt interface in DirectAdmin? You should be able to select the secondary domains for the certificate in the same place, such as in this screenshot:

5.png599×527 33.8 KB

Hello _az

Thanks for your qucik reply and screenshot.
I just looked into my directadmin and saw indeed the comlete list of underlying secondary domainnames.
under the main .com … 1 see 6 entries per domain

mysite.com
www.mysite.com
mail.mysite.com
ftp.mysite.com
pop.mysite.com
smtp.mysite.com

with 4 domains 1 have 24 entries how to deal with the maximum requests of 20 per week?
or does 1 request may obtain 24 entries?

Also when needing SAN (or UCC) which certificate type do i need to choose…?
where do i choose SAN or UCC (i am not on a microsoft exange server)

Many thanks for your help / for walking me true this!

Best
Arn

The specific meaning of 20 certificate per week can be found here:

https://letsencrypt.org/docs/rate-limits/

Issuing 1 cert with 24 names will only use up one token, with regard to that rate limit.

You do not need to specify UCC or SAN anywhere, they’re just “marketing names” that commercial CAs use for multi-domain certificates.

I think all you really need to do is just tick the secondary domains you want and include the main domain name for the certificate under “Common Name”.

For what it’s worth I would probably avoid adding useless names like ftp. as they might be more trouble if they’re worth (each name has to individually complete the validation process).

Let us know how you go :).

Hello _az

okay that great…!

If I understand it correctly, it is best to only add the top level domains
which i currently use in my setup with www included such as:

www.mysite.com
www.mysite.DE
www.mysite.NL
www.mysite.BE

i do not use the versions without www.

which resulst in 1 request with 4 items…

which key size and certificate is recommended?

the 4096 key with the SHA256 certificate…?
In which setup case do i need to split them up…?

Thanks for your advice

best

Arn

Ignore the splitting up suggestion I gave, I think DA does it for you by virtue of only showing the domains for the chosen virtual host.

Defaults should be fine for your key & cert.

Hello_AZ

Just did an ectra check on all the domain names with their IP addresses and luckily they are all the same…

I think you provided me with good solid info to proceed with the setup…

Many thanks for your efforts!

Best

Arn

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.