Question Wildcard SSL cert to be used for all aliases

[GreenhouseTech]

Server operating system version

Windows Server 2022

Plesk version and microupdate number

18.070

Hello Pleskers

• I have a production server which will ultimately host around 300 subscriptions (so far only 5).
• Let's say the IP address is 123-456-78-90
• Each subscription will have a main (public) domain name and an alias.
• When the site is launched, I will register LetsEncrypt cert (no problem)
• The alias is a subdomain of our testing domain eg 123-456-78-90.previewdomain.com which results in aliases like
  • examplesitename1.123-456-78-90.previewdomain.com
  • examplesitename2.123-456-78-90.previewdomain.com
• From within Plesk I have purchased a Positive SSL wildcard domain in the format *.123-456-78-90.previewdomain.com
• I have a subscription for 123-456-78-90.previewdomain.com and DNS records for 123-456-78-90.previewdomain.com and *.123-456-78-90.previewdomain.com pointing back to the server.
• I have installed the cert on the subscription 123-456-78-90.previewdomain.com, which is working

How can I configure Plesk so that all aliases (examplesitename1, examplesitename2 etc) are automatically secured with the wildcard cert?

Thanks!

 

[Sebahat.hadzhi]

Hello, @GreenhouseTech . Do I correctly understand that the wildcard SSL is installed for *.123-456-78-90.previewdomain.com rather than *.previewdomain.com?

 

[GreenhouseTech]

Hi, yes, that's right. Should I have bought the cert for my previewdomain address?

 

[Sebahat.hadzhi]

No, your setup is right. If you want to cover examplesitename1.123-456-78-90.previewdomain.com it should be for 123-456-78-90.previewdomain.com. I believe the new aliases should be automatically covered by the SSL, but since you are asking I am guessing that doesn't happen. What you can try is to reissue the SSL certificate.

 

[GreenhouseTech]

Thank you. If I try to reissue the certificate for the 123-456-78-90.previewdomain.com domain, I'm prompted to buy it again.

Alternative plan (which would be an even better solution).... rather than creating subdomain aliases for each site, is there a way to automatically secure the Plesk preview domain eg exampledomain.com.123-456-78-90.previewdomain.com

 

[Sebahat.hadzhi]

Unfortunately, at this point, there is no way to cover the site preview URL with valid certificate. I will need to check further why you are being prompted to buy the SSL again and how could that behavior be potentially avoided. I will follow up with more details as soon as possible.