Hi,
We have a cPanel account with the main domain example.com. This domain has a wildcard certificate to cover *.example.com.
Now I wish to add example2.com and example3.com etc via the cPanel API. They need to be on the same account so that all domains point to the same document root. They will all need their own SSL certificates and I'm trying to use AutoSSL with Let's Encrypt for this.
Using the cPanel API I added example2.com as an addon domain to this account. This created them as a subdomain of example.com e.g. example2com.example.com.
The addon domain is created correctly and points to the correct document root. However, the AutoSSL causes a problem because it assigns the wildcard certificate. This means that when you visit example2.com the SSL certificate is for *.example.com. Of course, this means it is invalid and shows warning errors in browsers.
To get around this I have attempted to add the addon domains in a container subdomain (as subdomains of a subdomain don't get covered by the wildcard) e.g. example2com.container.example.com. This prevented the wildcard problem, however, the certificates that AutoSSL created are almost always broken with incorrect CN and random SANs from other domains in the container subdomain.
Does anyone have any ideas for workarounds for either of these problems?
Regards,
Aidan Brookes
We have a cPanel account with the main domain example.com. This domain has a wildcard certificate to cover *.example.com.
Now I wish to add example2.com and example3.com etc via the cPanel API. They need to be on the same account so that all domains point to the same document root. They will all need their own SSL certificates and I'm trying to use AutoSSL with Let's Encrypt for this.
Using the cPanel API I added example2.com as an addon domain to this account. This created them as a subdomain of example.com e.g. example2com.example.com.
The addon domain is created correctly and points to the correct document root. However, the AutoSSL causes a problem because it assigns the wildcard certificate. This means that when you visit example2.com the SSL certificate is for *.example.com. Of course, this means it is invalid and shows warning errors in browsers.
To get around this I have attempted to add the addon domains in a container subdomain (as subdomains of a subdomain don't get covered by the wildcard) e.g. example2com.container.example.com. This prevented the wildcard problem, however, the certificates that AutoSSL created are almost always broken with incorrect CN and random SANs from other domains in the container subdomain.
Does anyone have any ideas for workarounds for either of these problems?
Regards,
Aidan Brookes