Skip to main content

CPANEL-37730 - AutoSSL can't see webmail subdomain

Comments

13 comments

  • andrew.n
    You should add it as add-don domain to get SSL properly installed. As far as I remember aliases are not getting certs.
    0
  • cPRex Jurassic Moderator
    Alias domains do get included in the AutoSSL runs. I set one up just now to confirm, and then ran AutoSSL on the domain and it did issue the certificate for me Is there an Apache entry for webmail for the domain? By default, an alias doesn't get the "webmail" subdomain created, so there would not be anything for Apache to secure. I checked my 443 vhost in the httpd.conf file to confirm this was the case, and only the main domain got the webmail.domain.com entry.
    0
  • LoadFactor
    You should add it as add-don domain to get SSL properly installed. As far as I remember aliases are not getting certs.

    The domain, including www and mail subdomains ARE getting coverage. AutoSSL is just not recognizing the webmail subdomain. It's not even listing it.
    0
  • LoadFactor
    Alias domains do get included in the AutoSSL runs. I set one up just now to confirm, and then ran AutoSSL on the domain and it did issue the certificate for me Is there an Apache entry for webmail for the domain? By default, an alias doesn't get the "webmail" subdomain created, so there would not be anything for Apache to secure. I checked my 443 vhost in the httpd.conf file to confirm this was the case, and only the main domain got the webmail.domain.com entry.

    I have verified what andrew.n said: although alias domains do get wildcard certs, cPanel doesn't do anything for the webmail subdomain, although it does add an A record for webmail/webdisk, etc. to the DNS. As a work-around, I manually added the webmail subdomain to the alias, then redirected it to webmail.maindomain.com, and that works. Automatically adding the cPanel related subdomains to DNS without adding them to AutoSSL feels like a bug to me.
    0
  • andrew.n
    @cPRex
    0
  • cPRex Jurassic Moderator
    Someone is really excited about tagging me today, @andrew.n ! I agree, so I've created case CPANEL-37730 for our developers to look into this. I'm wondering if this was already discussed, but we opted to leave that out due to AutoSSL limits. However, if we're creating the DNS records, I'm of the opinion we should be able to secure them. I'll be sure to respond once I get an update on that case.
    0
  • andrew.n
    hehe sorry about that Rex :) you are the most important person here :D
    0
  • cPRex Jurassic Moderator
    I am almost certainly not! I am the.........................dinosaur-iest though?
    0
  • andrew.n
    very true, the most(!) dinosaur-iest :)
    0
  • LoadFactor
    Now I feel like tagging both of you. ;) Thanks both of you for your help and to cPRex for raising it to a case. (see, no @. Do I get a prize?)
    0
  • cPRex Jurassic Moderator
    Ummm, how about the prize of knowing the team has already talked about it and plans to do some work toward it in version 100? Does that work?
    0
  • dywilson
    Hi all, I just found this thread and noted that there was a case created CPANEL-37730 Is there a way for me to track this case status. Just wanting to know if/when we can expect it. Also wondering if there a simple work-around to force an auto-ssl generation of alias subdomains. I know that there is a workaround in that you can redirect to the main domain, but I suspect that only works for web-pages. If we use a subdomain in the alias domain as the inbound and outbound hosts in an email client then it will not redirect.
    0
  • cPRex Jurassic Moderator
    @dywilson - I don't have a good way to track this one except for watching the changelogs. Since you're following this thread now, I also post updates once it has been resolved, and the cPanel version number where it is fixed if that is applicable. I do see our team is working on this now, although it has not been added to a release.
    0

Please sign in to leave a comment.