My domain is hosted on a virtual server and managed via Plesk. The domain is registered with GoDaddy and I use GoDaddy’s DNS servers.
In Plesk, I selected the domain, chose the Let’s Encrypt icon and went through the motions for creating a wildcard certificate (having previously followed the instructions for allowing acme-v02 protocol) and setting up the appropriate DNS TXT entry in GoDaddy. That all worked and https on my main domain is working including www.
I was expecting, that by using a wildcard certificate, that all sub-domains would be accessible via https but webmail.mydomain isn’t working.
Hi. The domain is creationfactor.net but https://webmail.creationfactor.net isn’t working (it redirects to http). I thought a wildcard certificate meant any subdomain of creationfactor.net would work, i.e: *.creationfactor.net. I only have a shallow understanding of DNS though(!).
Oh I see what you mean - so Plesk must be internally managing the apache config files for the webmail subdomain. So, theoretically, if that apache config could be modified to use SSL it would actually be covered by the same certificate as the main domain?
As a matter of interest, how can you tell how can you tell webmail.creationfactor.net is under a self-signed certificate? Is there a DNS lookup command for that?
A wildcard certificate is only assigned to the main domain. To apply it to subdomains, go to Hosting Settings of each subdomain and chose the new wildcard Let's Encrypt certificate in the Certificate drop-down menu.
Also not unimportant:
Wildcard certificates will not be renewed automatically.
Ahh of course, right-clicking on the "Not-secure" bit to the left of the URL (in Chrome anyway).
Right, so because Plesk doesn't expose the webmail subdomain in the list of domains I can't immediately go and select the let's encrypt wildcard certificate there.