
Resolved Secure Plesk by subdomain - best practice?

Pleskie

Regular Pleskian
Hello Plesk friends,

Recently I started using a 2nd server (VPS) with Plesk.

I would like to know what the best practice is (if possible at all) to secure multiple Plesk-servers (the Panel access/login) with Let's Encrypt, while using the same hostname but different subdomains.

In short, I would like https://server1.my-main-domain.com:8443 (secured by Let's Encrypt) to point to Plesk login on server 1 and https://server2.my-main-domain.com:8443 (secured by Let's Encrypt) to point to Plesk login on server 2.

I'll try to explain my situation the best I can.

Currently I have 2 Plesk servers (VPS). Their original URL is something like this:

Server 1: https://abc123.my-hoster-domain.com
Server 2: https://xyz456.my-hoster-domain.com

On server 1 I have installed my website on my main domain: my-main-domain.com

In Plesk under the server settings of server 1 I have set the full hostname like this: server1.my-main-domain.com

The DNS records of my-main-domain.com and server1.my-main-domain.com are both pointing to the IP address of server 1.

Under Tools & Settings > SSL/TLS Certificates of server 1 I clicked the Let's Encrypt button and as the domain name I entered: server1.my-main-domain.com

(Note: I did not create the subdomain server1.my-main-domain.com. I only did set up the domain my-main-domain.com.)

So far, so good. For server 1 everything is working fine. Both my website (the main domain) and the subdomain are secured by Let's Encrypt.

When I need to access Plesk on server 1 I can now easily navigate to https://server1.my-main-domain.com:8443

Now here comes the problem.

For my 2nd server I also would like to be able to easily navigate to Plesk by using the URL https://server2.my-main-domain.com:8443

So this is what I tried so far:

- I pointed the DNS-records of server2.my-main-domain.com to the IP address of server 2.

- In Plesk under the server settings of server 2 I have set the full hostname like this: server2.my-main-domain.com

- Under Tools & Settings > SSL/TLS Certificates of server 2 I clicked the Let's Encrypt button and as the domain name I entered: server2.my-main-domain.com

This is the point where I got an error message.

The error message is telling me it can't request an SSL/TLS certificate for server2.my-main-domain.com. It asks me to check http://server2.my-main-domain.com/.well-known/acme-challenge/cRqxVDGZgGbyASmDDtJZJSgmoUc9gK-... and see if an authentication token is available. It also says the DNS-challenge seems to be using another IP address.

Is there a solution for what I want?

So what I would like is:

- use Let's Encrypt to secure https://server1.my-main-domain.com:8443 and access Plesk on server 1
- use Let's Encrypt to secure https://server2.my-main-domain.com:8443 and access Plesk on server 2

Is this somehow possible? Or am I asking the impossible?
 
Is this somehow possible? Or am I asking the impossible?

Should be possible. I am using a similar naming scheme (vps001, vps002, etc.) for my servers as well.

The first thing that comes to mind is that maybe the DNS record for your second server (server2.my-main-domain.com) wasn't fully propagated yet, which means Let's Encrypt couldn't fetch the authentication token. In this case you'll just have to wait it out until the DNS has been propagated and try again.
 
Thanks for your reply @Rasp !

DNS was working correctly.

But your answer made me think why you got it to work and I didn't. Then I checked my default host on the server and noticed the authentication token had been written. However, earlier I had added some .htaccess rules to the default host. This caused the token to be unreadable and therefore Let's Encrypt couldn't fetch it. Changing the .htaccess solved the problem.
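A preflight check for the failure resolved in this thread, added here as an example and not part of any post: it writes a throwaway file where an HTTP-01 token would be placed and fetches it back over plain HTTP. `probe_http01`, `Handler` and `demo` are hypothetical names, and the local server with its dot-path deny is a constructed stand-in, since the post does not say which .htaccess rules were involved.

```python
import functools, http.client, pathlib, secrets, tempfile, threading
from http.server import SimpleHTTPRequestHandler, ThreadingHTTPServer

CHALLENGE_DIR = ".well-known/acme-challenge"

def probe_http01(webroot, host, port=80, timeout=5):
    """Write a probe file where an HTTP-01 token would go and fetch it back."""
    directory = pathlib.Path(webroot) / CHALLENGE_DIR
    directory.mkdir(parents=True, exist_ok=True)
    name, expected = "probe-" + secrets.token_urlsafe(16), secrets.token_urlsafe(32)
    probe = directory / name
    probe.write_text(expected)
    try:
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
        conn.request("GET", f"/{CHALLENGE_DIR}/{name}")
        resp = conn.getresponse()
        body = resp.read().decode(errors="replace")
        conn.close()
    finally:
        probe.unlink()  # never leave the probe file in the webroot
    if 300 <= resp.status < 400:  # Let's Encrypt follows redirects: inspect the target
        return f"redirect:{resp.getheader('Location')}"
    if resp.status != 200:  # e.g. a deny or rewrite rule on the host
        return f"blocked:{resp.status}"
    return "ok" if body.strip() == expected else "mismatch"

class Handler(SimpleHTTPRequestHandler):  # constructed stand-in, not Plesk/Apache
    deny_dot_paths = False
    def do_GET(self):
        if self.deny_dot_paths and "/." in self.path:
            return self.send_error(403)  # simulates a rule hiding dot-directories
        super().do_GET()
    def log_message(self, *args):  # keep the demo quiet
        pass

def demo(deny):
    """Run the probe against a local server, with or without the deny rule."""
    with tempfile.TemporaryDirectory() as root:
        Handler.deny_dot_paths = deny
        factory = functools.partial(Handler, directory=root)
        srv = ThreadingHTTPServer(("127.0.0.1", 0), factory)
        threading.Thread(target=srv.serve_forever, daemon=True).start()
        try:
            return probe_http01(root, "127.0.0.1", srv.server_address[1])
        finally:
            srv.shutdown()
            srv.server_close()

if __name__ == "__main__":
    print(demo(deny=False), demo(deny=True))
```

On a real server, call `probe_http01` with the default host's document root and the server hostname before requesting the certificate; anything other than `ok` means the validator would not be able to read the token either.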
 