SSL for the server and the virtual host

Avatar forum:clixer 10 months, 1 week ago

Hello,

I have set-up the web server and have installed the Let's Encrypt certificate, the site is visible at https://www.tazmeen.com.au/. I have not hosted any webpage yet.

Seems there are two issues I need to resolve.

Whilst, I only have a conf file and document root for tazmeen.com.au, the site is also visible at http://mars.tazmeen.com.au/. I have not created any virtual host for this. What should I do? What is the standard practice? Mars is the hostname of the server.

The second issue I have is that since Let's Encrypt does not offer wildcard certificates, there is no certificate installed for mars.tazmeen.com.au. Should I create a virtual host for this sub-domain and then install the certificate? Would this also install the certificate for the hostname mard? What is the standard practice and what should I do?

Many thanks for help.

4 Replies

Let's Encrypt allows you to have any number of host names (Subject Alternative Names) in the certificate. So you can request one that includes mars.tazmeen.com.au and whatever other names you would like. At some point in the future they may provide wildcard certificates.

@Vance:

Let's Encrypt allows you to have any number of host names (Subject Alternative Names) in the certificate. So you can request one that includes mars.tazmeen.com.au and whatever other names you would like. At some point in the future they may provide wildcard certificates.

Hi Vance. Thank you for your guidance.

Would like a clarification. Before I go ahead and arrange a SSL certificate from Lets Encrypt, should I create a virtual host for mars.tazmeen.com.au? Currently, it does not exist. In the virtual host that we provide paths to the certificate files.

Currently, the default index page is hosted at this URL: http://mars.tazmeen.com.au/ and I Beleive it is stored at /var/www/public_html/index.html.

Thanks for your help.

If you are using Apache, then if a request comes in that doesn't match a ServerName or ServerAlias directive, the first listed virtual host configuration will be used. So if you want an existing virtual host configuration to apply for mars.tazmeen.com.au, you can list it as a ServerAlias in that config or, if it's the first one, you can just do nothing.

When requesting a certificate from Let's Encrypt with certbot, you would specify multiple names using the -d option.

@Vance:

If you are using Apache, then if a request comes in that doesn't match a ServerName or ServerAlias directive, the first listed virtual host configuration will be used. So if you want an existing virtual host configuration to apply for mars.tazmeen.com.au, you can list it as a ServerAlias in that config or, if it's the first one, you can just do nothing.

When requesting a certificate from Let's Encrypt with certbot, you would specify multiple names using the -d option.

Thanks Vance. All done.

Cheers.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct