Let's Encrypt: Multiple domains but SSL only good for one

6 posts / 0 new
Topic locked
Last post
#1 Tue, 02/20/2018 - 11:14
rchase

Let's Encrypt: Multiple domains but SSL only good for one

I used Virtualmin > Server Configuraiton > Manage SSL Certificates to generate a Let's Encrypt cert for site A.

Site A was then SSL'd and working fine.

Then I repeated the same thing for site B.

Site B was then SSL'd and working fine.

But now site A has an invalid cert. The cert details show the cert is valid for site B, not for site A.

How can I have multiple domains SSL with Let's Encrypt?

thanks!

Wed, 02/21/2018 - 09:02
rchase

I noticed on my two domains that are working, one cert is issued to www.rchase.com while the other is issued to locklinnetworks.com

If I add a third site with Let's Encrypt then for some reason all the websites on the server not only have invalid certs (issued for the third site), but also every server displays the page content of the third site!

I spent almost 8 hours troubleshooting this yesterday, trying different things and reverting back. Any ideas?

Thu, 02/22/2018 - 00:12 (Reply to #2)
atleast
atleast's picture

In your case can you disable the 3rd domain as SSL and then test the first two and see if they work. SOMEONE with knowledge can surely help you as I would also look to add two virtual domains on one IP. I am also looking for an answer in vain but i was also looking for a question what if we move one domain to another IP address or a new IP on a different server. There was this answer on letsencrypt site that says that IP is not really important.

schoenCertbot engineer / EFF Aug '17 A Let’s Encrypt certificate refers to the domain name, rather than the IP address. The browser accepts the certificate as valid if the domain name that was used to access the site matches a domain name listed in the certificate. So, you don’t have to get a new certificate when you change IP addresses; your existing certificate will remain valid.
Wed, 02/21/2018 - 09:02
rchase

x

Thu, 02/22/2018 - 00:28
atleast
atleast's picture

You could kindly see this link and see if it makes sense. What I gather from this brief is that one can use multiple domains on one IP. I hope some friendly user of virtualmin can guide us more.

https://www.digicert.com/ssl-support/apache-multiple-ssl-certificates-us...

Thu, 02/22/2018 - 18:48
atleast
atleast's picture

I did a test by moving IP 2 functional SSL domain to IP 1 where another domain and name server is setup. Now after having ONE IP and two domains - the SSL https://abc.com works BUT not https://www. and it leads to security warning meaning NO SSL. THAT IS A bizarre case even though IT COULD BE more a bug on my domain install or apache but when I have it on a UNIQUE IP 2 it works in all forms http https and with www. I would like someone to test that and see how it turns out.

Topic locked