• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question CNAME and SSL

C

Chepplesk

New Pleskian
Server operating system version
Debian 11
Plesk version and microupdate number
18.0.58
Hi, I need to point a domain of one of my client (crm.tenant.ext) via CNAME to a site of mine hosted on Plesk (tenant.myserver.ext).

crm.tenant.ext CNAME tenant.myserver.ext

My client created the CNAME , technically everything works except the Let's Encrypt SSL certificate. I get the error SSL_ERROR_BAD_CERT_DOMAIN because the certificate is valid only for tenant.myserver.ext and not for the source domain (crm.tenant.ext). My server has Plesk Obsidian updated to the latest release, and Debian 11. How to fix it? Thanks to all
 
You could create crm.tenant.ext as a new domain in the same subscription ("Add domain" button), but enter the same document root directory into it that tenant.myserver.ext uses. When crm.tenant.ext resolves to tenant.myserver.ext, it should be possible to issue a domain validated SSL certificate for it.
 
Chepplesk said:
Hi, I need to point a domain of one of my client (crm.tenant.ext) via CNAME to a site of mine hosted on Plesk (tenant.myserver.ext).

crm.tenant.ext CNAME tenant.myserver.ext

My client created the CNAME , technically everything works except the Let's Encrypt SSL certificate. I get the error SSL_ERROR_BAD_CERT_DOMAIN because the certificate is valid only for tenant.myserver.ext and not for the source domain (crm.tenant.ext). My server has Plesk Obsidian updated to the latest release, and Debian 11. How to fix it? Thanks to all
Click to expand...
Review there is a DNS entry for A record *.myserver.ext, if there is not probably this could be the issue.
 
What? No, you don't need an A record for `*.myserver.ext`. I have done a similar thing myself.
I added a regular CNAME record for `crm.tenant.ext` over the DNS settings. And I created just an wildcard letsencrypt certifcate for tenant.ext (which is `*.tenant.ext`):

1721973874115.png

It took one day that the certificate for the CNAME was in action, but it works.
 
bernhardh86 said:
What? No, you don't need an A record for `*.myserver.ext`. I have done a similar thing myself.
I added a regular CNAME record for `crm.tenant.ext` over the DNS settings. And I created just an wildcard letsencrypt certifcate for tenant.ext (which is `*.tenant.ext`):

View attachment 26726

It took one day that the certificate for the CNAME was in action, but it works.
Click to expand...
Wildcard works and you specify the issue was with CNAME but when its a domain I am going to use to create different applications, and I don't know the names yet, crm.domain, support.domain, etc I like to create the DNS record A * domain so I am able to create subdomains on the fly and add SSL without the need of wildcard certificates.
 
You must log in or register to reply here.

Similar threads

P
Question Dynamic domain redirection with CNAME - Linktree-like service (Plesk Obsidian on Debian VPS)
Replies
6
Views
883
Pecnet
P
L
Issue Plesk Mail Only SSL Still Not Functioning Properly
Replies
0
Views
146
Ladylinux
L
M
Question NameServer settings for domains and Webspaces?
Replies
4
Views
449
MimiWeb
M
C
Question Plesk with Cloudflare Proxy DNS Records and Letsencrypt..
Replies
0
Views
945
cpulove
C
J
Resolved Problem with SSL
Replies
2
Views
633
JanBr
J
Back
Top