AutoSSL subdomains with certificate installed on domain
Hello, I've a SSL certificate installed on example.com and valid only for example.com and www.example.com.
I want to use autoSSL for mail.example.com, webmail.example.com, cpanel.example.com etc.
I've try to exclude example.com and www.example.com from AutoSSL and the Run AutoSSL. This don't work.
-
Hi @daimpa What's output in the logs when you attempt to get the certificate with the root domain excluded? You can find them by going to WHM>>SSL/TLS>>Manage AutoSSL 0 -
Hi @daimpa What's output in the logs when you attempt to get the certificate with the root domain excluded? You can find them by going to WHM>>SSL/TLS>>Manage AutoSSL
1:28:10 PM AutoSSL"s configured provider is "Let"s Encrypt"". Checking websites for "user" " 1:28:10 PM Analyzing "example.com" " 1:28:10 PM User-excluded domains: 2 (example.com, www.example.com) TLS Status: Incomplete Certificate expiry: 3/24/20, 12:00 PM UTC (357.02 days from now) Impediment: CERTIFICATE_IS_EXTERNALLY_SIGNED: The certificate is neither self-signed nor from AutoSSL. 1:28:10 PM The system has completed the AutoSSL check for "user".0 -
Hello @daimpa The domains are hitting an impediment due to the certificate not being issued by AutoSSL and not being a self signed (being issued by another entity). If you go to WHM>>SSL/TLS>>Options -> and enable Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates. Does this issue persist? Thanks! 0 -
Hello @daimpa The domains are hitting an impediment due to the certificate not being issued by AutoSSL and not being a self signed (being issued by another entity). If you go to WHM>>SSL/TLS>>Options -> and enable Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates. Does this issue persist? Thanks!
Thanks for the reply, but it's already enabled.0 -
Hi @daimpa Interesting, can you please open a ticket using the link in my signature? It may be that the root domain in this instance needs to be able to receive the certificate but I'm not certain that behavior should be the default and I'd like for us to look further into that. Once open please reply with the Ticket ID here so that we can update this thread with the resolution once the ticket is resolved. Thanks! 0 -
Hi @daimpa Interesting, can you please open a ticket using the link in my signature? It may be that the root domain in this instance needs to be able to receive the certificate but I'm not certain that behavior should be the default and I'd like for us to look further into that. Once open please reply with the Ticket ID here so that we can update this thread with the resolution once the ticket is resolved. Thanks!
maybe it's the same problem of here?0 -
Hi @daimpa I believe so and this case is unresolved at this time, which is why I'd like to see if it's possible for you to open a ticket with us. 0 -
Hi @daimpa Without a valid SSL installed or any SSL including a self-signed one you won't be able to access sites over https. If you do have at the very least a self-signed SSL installed you'll be able to access but you will receive a warning in your browser. 0
Please sign in to leave a comment.
Comments
9 comments