The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

AutoSSL, Let's Encrypt, Aliases and subdomains. How to handle them?

Discussion in 'Security' started by Harikalar Kutusu, Nov 3, 2016.

  1. Harikalar Kutusu

    Joined:
    Jan 13, 2016
    Messages:
    23
    Likes Received:
    6
    Trophy Points:
    3
    Location:
    Istanbul, Turkey
    cPanel Access Level:
    Root Administrator
    I'm completely new to SSL... I installed it. Now I have questions. I read a lot and got confused.

    I have a VDS with about 10 accounts, and I thought 100/vhost limits, renewing limits etc are not an issue.

    All of my domains have com/net/org bought, setup as alises and redirected in .htaccess... Example:

    I have one example.org (1 certificate)
    I also have example.com, example.net, example.org.countrycode as alises. (+4)
    Each DNS has own definition, www, mail, ftp defined. (*4)
    This makes a total of 20.

    example.org has 5 subdomains defined as CNAME's (+5)
    It seems www.subdomain CNAME's are also needed or it errors out (+5)
    So a total of 30 out of 100 got used for a single domain.

    Also when needed, would refreshing limit would make them wait? Or is it a single entity?

    What I need is to have SSL on (www.)example.org, mail.example.org and ftp.example.org. Also 5 subdomains of course... Total 9...

    How can I handle this? What are my options wiith the current status as of version 60.x?
    I cannot remove mail/ftp from alises, AutoSSL gives errors. Is it possible?
    Would it be best to park the alises elsewhere?
    What else?

    I read some debate on this and some feature requests but I cannot decide now.
    I have mail SSL connection issues I couldn't fix. Outlook 2016 gives 0x80040900 errors, probably these are related.

    Any help and directions are much appreciated.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,163
    Likes Received:
    1,294
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    AutoSSL generates certificates based on Virtual Host entries in Apache, not based on DNS records. Thus, if you manually add a CNAME entry, it's not included as part of the AutoSSL feature. We recently published the following document to help explain how your server handles domains and virtual hosts:

    How Your Server Handles Domains and Virtual Hosts - cPanel Knowledge Base - cPanel Documentation

    In addition, here's a section relevant to your question from our Manage AutoSSL document:

    Also, take a look at the following document to see how the Domain TLS feature works for services such as email in cPanel version 60:

    What is Domain TLS - cPanel Knowledge Base - cPanel Documentation

    Thank you.
     
    Harikalar Kutusu likes this.
  3. Harikalar Kutusu

    Joined:
    Jan 13, 2016
    Messages:
    23
    Likes Received:
    6
    Trophy Points:
    3
    Location:
    Istanbul, Turkey
    cPanel Access Level:
    Root Administrator
    As indicated, my understanding of vhosts was very wrong indeed.

    After carefully examining the settings, everything is going well now.

    And the error from Outlook is based on Outlook. I've got rid of it (after so much years) and moved to Thunderbird. Outlook just can't handle 50+ e-mail addresses and got confused by parallel connections.

    Thank you...
     
    cPanelMichael likes this.
Loading...

Share This Page