Hello there, I have 2 domains .com and .fr and would like to use the .fr domain as an alias to the .com one. Those were the steps I did: Alias was setup in DNS with an A record pointing to the same server as the .com main domain. Added domains to client in ISPConfig Created site using .com domain For the main domain Domain tab -> Mark SSL + Let’s Encrypt SSL boxes Redirect tab Redirect Type is “R=301,L” Redirect Path is blank SEO Redirect is “domain.tld => www.domain.tld” Mark the “Rewrite HTTP to HTTPS” boxes SSL tab -> Mark the “Enable SPDY/HTTP2” box as my server is configured for HTTP2 For the alias Select the .fr domain from the Domain list to be used as alias Parent site is the .com domain Redirect Type is “R=301,L” Redirect Path is blank Auto-Subdomain is www. SEO Redirect is “domain.tld => www.domain.tld” “Don’t add to Let’s Encrypt certificate” is unchecked “Active” is checked Visiting the .fr domain gives me a Privacy error from Chrome, saying that the .fr domain is using the certificate from the .com domain, hence it's insecure. Checking the Let's Encrypt log in /var/log/letsencrypt/letsencrypt.log right after the creation of the alias, shows me this: Code: 2018-10-29 11:37:03,355:INFO:certbot.renewal:Cert not yet due for renewal 2018-10-29 11:37:03,355:INFO:certbot.main:Keeping the existing certificate 2018-10-29 12:05:02,926:DEBUG:certbot.main:certbot version: 0.23.0 2018-10-29 12:05:02,927:DEBUG:certbot.main:Arguments: ['-n', '--text', '--agree-tos', '--expand', '--authenticator', 'webroot', '--server', 'https://acme-v02.api.letsencrypt.org/directory', '--rsa-key-size', '4096', '--email', '[email protected]', '--domains', 'cocoandcachou.com', '--domains', 'www.cocoandcachou.com', '--webroot-path', '/usr/local/ispconfig/interface/acme'] 2018-10-29 12:05:02,927:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2018-10-29 12:05:02,938:DEBUG:certbot.log:Root logging level set at 20 2018-10-29 12:05:02,938:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2018-10-29 12:05:02,940:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None 2018-10-29 12:05:02,940:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot Description: Place files in webroot directory Interfaces: IAuthenticator, IPlugin Entry point: webroot = certbot.plugins.webroot:Authenticator Initialized: <certbot.plugins.webroot.Authenticator object at 0x7f5a9ea755c0> Prep: True 2018-10-29 12:05:02,941:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7f5a9ea755c0> and installer None 2018-10-29 12:05:02,941:INFO:certbot.plugins.selection:Plugins selected: Authenticator webroot, Installer None 2018-10-29 12:05:02,950:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x7f5a9ea6fa58>)>), contact=('mailto:[email protected]',), agreement=None, status='valid', terms_of_service_agreed=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/43100118', new_authzr_uri=None, terms_of_service='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'), 1b6f5eddcd5b431a911b63ce25bfdc27, Meta(creation_dt=datetime.datetime(2018, 10, 1, 19, 3, 4, tzinfo=<UTC>), creation_host='mynicehost.com'))> As you can see, no mention at all of the .fr domain in the log, so I have no idea what went wrong. Can anyone shed a light here? Thanks in advance, Arky
Try unchecking let's encrypt checkbox in the website, click save, enable it again and press save. If this does not help, then try using debug mode to see why the alias domain gets excluded form LE cert.
A quick follow up to this question with another question: What should I use as Redirect Type if I want people that enter the .fr alias to keep it as the URL, instead of rewriting it to .com? Thanks again, Arky
