Question Wildcard SSL for entire server?

[SacAutos]

This morning I followed the directions in the Plesk article on how to create a wildcard SSL using Let's Encrypt. Basically, all it involves is creating a panel.ini file with the acme challenge and then creating a TXT record with my DNS service. Very nice!

However, the servers I run use a wildcard SSL at the very top level (i.e. IP address) and then I use a CDN scheme to create a variety of subdomains. For example, my server has:

www.myservername.com
pics.myservername.com
pdf.myservername.com
images.myservername.com
beta.myservername.com

and so forth. How can I retire the SSL certificate that I purchase for the server with one from Let's Encrypt? At the IP address admin screen, there is no dialog for wildcards unlike at the subscription level. Am I still hosed?

 

[learning_curve]

.....How can I retire the SSL certificate that I purchase for the server with one from Let's Encrypt? ....

It's not 100% clear from your post, what you're actually looking too do...

Is it...

a) Provide one *Wildcard Let's Encrypt certificate, that covers all the subdomains, on one domain (which is also the host server FQDN)

Or

b) Provide a *Wildcard Let's Encrypt certificate that covers multi-domains, some of which, may also have subdomains too (and one of the domains, is also the host server FQDN)

You can do both a) and b) but, because of the setup work involved, it's dependent, on how many domains you have, if it's b)

If it's a) You can do this using the Plesk Let's Encrypt Extension. If it's b) Can you tell us how many domains you want to cover with one certifcate?

 

[SacAutos]

It's sorta option "a." Each of the subdomains is set up as its own subscription so they are independent of each other. To get more specific, I manage a car dealership chain. The main brand is www.myautobrand.com. Each of the dealerships is set up as a subdomain. For example, buick.myservername.com. All the vehicle images are in pics.myservername.com. And so forth. There's a total of about thirty subscriptions on the server. And the server itself is named cloud.myservername.com. In the past, I have purchased a wildcard SSL for myservername.com and installed it at the IP address level of the server. Each subscription is allowed to use it for their SSL traffic. So if I could replace that wildcard that I purchase with a free one, that would be cool.

 

[SacAutos]

Sorry for the confusion. There's only one FQDN, and the example should be myautobrand.com which is an example, not the real domain, used for discussion purposes. Please ignore the myservername.com...

 

[learning_curve]

Sorry for the confusion. There's only one FQDN, and the example should be myautobrand.com which is an example, not the real domain, used for discussion purposes. Please ignore the myservername.com...

Thanks! Understand that more now
Have you encountered something that is stopping you from using the Plesk Extension to achieve what you need? i.e. One *Wildcard Let's Encrypt Certificate that covers one FQDN, which is the Server Host, plus all of its sub-domains? From your explanation, we can't see any potential issues... but just in case, you could also read this specific post & the following post, as the answers should be very useful for you: Let's Encrypt extension (Ignore any of our posts or quotes from them in there, as they all relate to option b)

 

[SacAutos]

That's a good tip. I'll check out that thread.