SSL for subdomain hosted on different provider


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: https://partyfavorz.com

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: Siteground

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): yes and I have no idea what the version is.

I setup a subdomain for my site that points to my podcasting host page (Podbean) podcast.partyfavorz.com. Unfortunately, I cannot setup SSL for that page through Siteground as it’s not pointing to their IP address.

I spoke with Podbean and they told me that if I get an SSL certificate, they’ll install it. They also indicated they’re verified so there shouldn’t be an issue but there is. It appears there is a way to create the certificate myself and upload it to Podbean to be installed but I’ll have to recertify manually every so often. I also read that the process is more difficult. Is there a way around this or is this my only option for installation?

I see other questions about SSL and subdomains but none appear to be relevant to my situation as I do not run my own server. My website is hosted with Siteground but my podcast is hosted with Podbean.

Just curious.


#2

Hi @whiwo,

Let’s Encrypt now supports two ways of proving your control over a name—one is typically done by uploading a file to a server that that name points to, and the other involves posting TXT record in your DNS zone. Both of these can be automated, and a hosting provider in principle could integrate the second method even if not all of the names in the certificate are hosted by that provider, although that could be extra work and I don’t think I’ve seen hosts do this routinely.

Anyway, you can indeed get the certificate yourself by performing the validation steps yourself. If you did run your own server somewhere you could also try to automate this process by using that server to make the certificate requests, but it seems you’ve said that you don’t, so it does appear that your most likely option would be to get the certificates manually. That is definitely more work than having it happen automatically via some kind of hosting provider integration.

One option would be to use https://www.zerossl.com/ which gives you a web-based workflow to obtain the certificate.

Another important thing to point out is that the various subdomains can easily be covered by separate and independent certificates, including separate certificates issued by Let’s Encrypt. There’s no reason that they would have to be covered by the same certificate; there’s no security or other technical requirement to combine them into a single certificate. So, conceivably the host of the podcast server could get a certificate for that server, while Siteground could get a certificate for the part that it hosts. In that case, the certificate issuance could be fully automated by the two providers.


#3

Thank you for the clarification. I’ve decided to let it go and likely use the built-in hosting provided by my podcast provider which already has SSL and just forward my domain to that page once my service expires in May.

It’s not ideal because they’re web layouts are limited and there is only so much a self-taught person can do with CSS but it will have to suffice. I’m working with them now to upgrade their themes to make them more mobile-friendly and just hold my breath.

Thanks again!


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.