• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.

Let's Encrypt on subdomain (configured as domain) not working

Bitpalast

Bitpalast

Plesk addicted!
Plesk Guru
Situation:

maindomain.xx has a fully functional Let's Encrypt certificate.

The customer has also subdomain.maindomain.xx and has set that up by adding a domain (not adding a subdomain), so that it should behave as if it was a maindomain.

He has a certificate from Let's Encrypt installed. We have checked the certificate listed in the nginx.conf and httpd.conf files, decrypted it and are seeing that is is the correct certificate for the domain name. Both server configuration files (nginx.conf and httpd.conf) show the correct certificate.

Nginx and Apache were both restarted after configuration changes.

Issue:

When connecting to subdomain.maindomain.xx the browser does not receive the subdomain.maindomain.xx certificate, but the hostname.yy certificate of the physical machine that Plesk is running on. The subdomain does neither deliver the maindomain.xx, nor the subdomain.maindomain.xx certificate despite the correct configuration files.

Why is that and how can it be solved?
 
The SSL needs to be installed on the subdomain. You should be able to install the certificate for the subdomain from within Plesk or from the command line (see: http://docs.plesk.com/en-US/12.5/cl...utilities/certificate-ssl-certificates.39009/ ); in addition, Plesk has a "Let's Encrypt" extension: https://ext.plesk.com/packages/f6847e61-33a7-4104-8dc9-d26a0183a8dd-letsencrypt which allows you to manage the Let's Encrypt SSL's from within Plesk--for domains and subdomains.

I've installed Let's Encrypt SSL's on all of my domains (and subdomains) using the Let's Encrypt Plesk extension without issue.
 
Can you please send me a PN with a link to one of your subdomains where a Let's Encrypt certificate is running?
 
I would also like to add, that the issue only occurs when both, the main domain and the subdomain, want to use the Let's Encrypt certificate generated by the extension. If the main domain uses a different SSL certificate, the subdomain can use a Let's encrypt cert, but if the main domain has a Let's Encrypt cert, the subdomain cannot also have one.
 
Meanwhile two other Plesk users have demonstrated that they are using different Let's Encrypt certs on main domain and sub domain. So there seems to be a way. Yet unsolved why Plesk delivers the hosts's certificate despite the correct certificates set in main domain and sub domain. Where does this information come from? Are there additional configuration files beyond nginx.conf and httpd.conf for the domains that include certificate information/path/location? This remains a mystery.
 
You must log in or register to reply here.

Similar threads

M
Issue Let's Encrypt Bulk Domain Renewal
Replies
4
Views
1K
MacGyver
M
S
Issue Let's Encrypt/SSL It! empty domain name error
Replies
8
Views
2K
SilentWarrior
S
B
Issue Can't add a Let's encrypt certificate
Replies
5
Views
769
Sebahat.hadzhi
Sebahat.hadzhi
D
Resolved Let's Encrypt Certificate missing domain name
Replies
2
Views
530
davorg
D
M
Resolved Lets Encrypt not issuing certs for subdomains
Replies
2
Views
1K
mendip_discovery
M
Back
Top