Lets Encrypt and Alias Domains

Discussion in 'General' started by kyferez, Jun 18, 2018.

  1. kyferez

    kyferez Member

    I have a site, let's call it example.com, with an alias domain, lets call it ex.com. I enabled SSL and LE SSL on example.com before I added ex.com as an alias. So the cert was created without the alias in the SAN. I removed SSL from the site and re-added it, but it reused the old cert instead of recreating a new one with the added Alias domain.

    How can I fix this and have ISPConfig force LE to regen the cert?
  2. ahrasis

    ahrasis Active Member

    You could delete the old certs before trying to reissue the new certs.

    In debian / ubuntu to delete them you can run: "rm -rf /etc/letsencrypt/*/example.com*"
    kyferez likes this.
  3. kyferez

    kyferez Member

    That let it regen the cert, but the alias domain still does not work. The SAN name does NOT include the alias :(
    Last edited: Jun 19, 2018
  4. ahrasis

    ahrasis Active Member

    Try to access your alias domain before requesting for the new certs; is it working?

    Also check the vhost file to see whether the alias domain is already included.
  5. kyferez

    kyferez Member

    You mean the alias domain using HTTP? Yes, it works with HTTP. With HTTPS, it does not.

    In my prior post when I said the Alias domain doesn't work, I meant the cert was invalid. The site did come up if I ignored the cert warning; What didn't work was the alias domain wasn't added to the SAN in the Cert.
  6. kyferez

    kyferez Member

    Anyone know if this is a ISPConfig bug with Alias domains and LetsEncrypt or if I'm doing something wrong?
  7. kyferez

    kyferez Member

    bump...? I'm using version 3.1dev
    Last edited: Jun 23, 2018
  8. ahrasis

    ahrasis Active Member

    Checks your log files. Use the faq as your guides. The LE SSL certs are not updated for reasons that we do not know as you did not provide a detail info.

    I personally don't think it is a bug since others are adding alias domain just fine to their LE SSL certs.

    The steps in doing it were discussed so many times. Add alias domain and save, then uncheck the SSL button in the main domain and save, then re-check the LE buttom in the main domain and save, and wait for LE to process.

    If failed, check the LE logs as they will tell you what you did wrong, not us here, as we do not know what and how you did it.
    kyferez likes this.
  9. kyferez

    kyferez Member

    The problem was I had checked in the AliasDomain the box "Don't add to LetsEncrypt Certificate" when I created it because I didn't originally have SSL enabled... So that was the issue DOH!

    Thank you VERY MUCH!
    till and ahrasis like this.

Share This Page