XAMPP Apache on Windows 10 - One cert for multiple subdomains

Please fill out the fields below so we can help you better.

My domain is: mt84.co

I ran this command: This is what I need help with.

It produced this output: N/A

My web server is (include version): XAMPP for Windows 5.6.30, with Apache/2.4.25

The operating system my web server runs on is (include version): Windows 10 Pro

My hosting provider, if applicable, is: N/A, I’m hosting it on my personal computer.

I can login to a root shell on my machine (yes or no, or I don’t know): Yes, I have full Administrator access.

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No.

I feel like I’m missing some terminology or something that would make Googling this a breeze, but after a couple days of searching I keep coming up empty, so here I am.

I’m trying to implement HTTPS on my home web server. I have the root domain “mt84.co” and I have a defined list of 24 additional subdomains that I would like to have included, ideally in a single Certificate. Of those 24 subdomains, 9 are critical, the rest are mainly just future proofing and nice-to-haves. For privacy’s sake, let’s assume the list of subdomains is a, b, c, d, e, f, g, h, i, j, k, l, m, n, o, p, q, r, s, t, u, v, w, & x.

I am using NoIP to route *.mt84.co to my public IP address, which is dynamic. This also routes mt84.co there as well.

Most of the subdomains will be used to forward to various other services that use different ports on the same machine as the Apache server, but one service is located on another PC on the same LAN. If I understand correctly this shouldn’t make a difference because I can terminate SSL (TLS) on the web server and then forward the downgraded HTTP plaintext requests where they need to go with some Apache VirtualHost configuration stuff, but I am including it here to be thorough.

I cannot figure out what program/command I should use to obtain the certificate. I would prefer to use Windows for this, but I am willing to spin up a linux VM as a last resort if all else fails.

If someone could point me in the right direction that would be amazing.

One defining question:
Where do ports 80 and 443 forward to?

If they both go to the Apache2.4.25 system, then this should be straight forward:
Set an global alias to catch all /.well-known/acme-challenge requests.
Make the desired cert requests.
Ensure each of the desired separate certs are matched by a separate vhost config.
Use reverse proxy in each required vhost to reach the 24 subdomained systems.

This is what I need help with, how do I make the cert request on Windows and have it include the subdomains?

For windows I use "le64.exe"
The individual cert requests would only include the domains that you want bound on the same cert.

Thank you so much! I ended up using their online tool (https://zerossl.com/free-ssl/#crt) and it worked like a charm!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.