• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Resolved Let's encrypt wildcard certificate for subdomains

Heinrich

Heinrich

Basic Pleskian
So, the Obsidian PLESK frontend allows for me to click on my main domain => SSL/TLS certificate and choose "Let's encrypt" and there choose wildcard certificate. But that certificate is only served on my main domain and other subdomains that aren't explicitly listed under domains in PLESK - like webmail.domain.tld

But, I have a subdomain "wiki.domain.tld" in PLESK and if I click on it and choose SSL/TLS certificate I can't find a way to select that it should also serve the wildcard certificate. It only allows for me to create a new Let's encrypt certificate, which is valid for that subdomain, and possibly sub-sub domains like *.wiki.domain.tld

So, is this option really missing in the user interface or am I just unable to find it ?
 
You need to setup your subdomain as a main domain, then you will have the option to create a wildcard certificate for it. Currently it is most likely created as a subdomain with the "add subdomain" button. Instead, use the "add domain" button, but enter the full subdomain when you create it. In that case the subdomain will be treated as a normal domain, allowing for subdomains to be created including wildcard certificates and mailboxes.
 
I think we miscommunitacted. I have on the main domain a wildcard certificate. I want that the subdomains that I have serve this certificate, too. But there seems to be no option for that.

What you descibe would generate a new wildcard certifiacte for each sub domain, wouldn't it. That is not what I want.
 
If the subdomain is a true subdomain to the main domain, meaning created with "add subdomain" and not as a separate domain by "add domain", it is covered by the wildcard certificate. Is the subdomain a true subdomain?
 
I think that's how I created them back then....

And I'm sure the wildcard-certificate would cover them, but nginx/apache serve an independent certificate each for each subdomain, that let's encrypt issued specifically for that subdomain. That is, because if I click on TLS/SSL in the subdomain I can choose let's encrypt as certificate issuer, but not select an option "serve main domains wildcard certificate".

Or may be I can, but I can't find such an option...
 
Ok, serious oversight on my part. I needed to go to "hosting" to choose the certificate, not to "SSL/TLS". Once I made the change it worked like I want it to...
 
You must log in or register to reply here.

Similar threads

V
Issue Let's Encrypt wildcard certificate renewal : some subdomains are not secured
Replies
0
Views
927
Vincent Brouchet
V
Hangover2
Forwarded to devs SSL It! breaks renewal and usage of Let's Encrypt wildcard certificates when subdomains are involved
2
Replies
28
Views
6K
marcoherzog
M
D
Issue can only create webmail certificates
Replies
1
Views
370
deepnpisgah
D
WhiteTiger
Issue Subdomain is not secure with Let's Encrypt
Replies
1
Views
719
Peter Debik
P
S
Question Mail subdomains with wrong TLS certificate (e.g. imap.example.tld)
Replies
1
Views
246
Kaspar
K
Back
Top