Sure. There is an option for that on the ssl tab see *.domain.tld. I use this one several servers, works fine. Thanks for pointing that out, we missed to close this request a few ywars ago at the time we implemented the feature.
Here is what I used for hybrid automatic Lets Encrypt WildCard SSL Certificate. Someone else might have a better solution -- please go ahead and append here for other to use it. NOTE: This method uses the DNS Validation ( as the Letsnencrypt's only supported mechanism for wild card SSL certificates ) I use Linode as my DNS host best option is to follow this procedure in screen terminal 1) install the acme.sh using latest release. Code: curl https://get.acme.sh | sh 2) Generate the API Key for your your Linode Manager -- manual task 3) now edit the $USER/.acme.sh/accounts.conf and place the API KEY inside the file as a parameter at the end of file LINODE_API_KEY='tsgrjhtjjtyityuithtrgesdjffp3r3mpo34r3mfonoivo50t34r093u4rjflkenfvnvlsjqfjllsdnvlknlwfwfsdkfj' 4) manually execute the command below for certificate issuance . Code: acme.sh --force --issue --dns dns_linode -d domain.tld -d '*.domain.tld' --dnssleep 3600 ** please note the DNS sleep timer is set to 1 hour, as the linode DNS updates take more than 45 minutes for the zone information to be updated 5) After 3600 seconds or 1 hour, your LetsEncrypt SSL Certificate will be ready for use -- sample run would be like Code: [Thu Jan 31 20:44:51 PKT 2019] Registering account [Thu Jan 31 20:44:52 PKT 2019] Registered [Thu Jan 31 20:44:52 PKT 2019] ACCOUNT_THUMBPRINT='7nLZewrtrtsfsdgdfbsdfvdfhtyjkmfgbdsE' [Thu Jan 31 20:44:52 PKT 2019] Creating domain key [Thu Jan 31 20:44:52 PKT 2019] The domain key is here: /root/.acme.sh/domain.tld/domain.tld.key [Thu Jan 31 20:44:52 PKT 2019] Multi domain='DNS:domain.tld,DNS:*.domain.tld' [Thu Jan 31 20:44:52 PKT 2019] Getting domain auth token for each domain [Thu Jan 31 20:44:53 PKT 2019] Getting webroot for domain='domain.tld' [Thu Jan 31 20:44:53 PKT 2019] Getting webroot for domain='*.domain.tld' [Thu Jan 31 20:44:53 PKT 2019] Found domain api file: /root/.acme.sh/dnsapi/dns_linode.sh [Thu Jan 31 20:44:53 PKT 2019] Using Linode [Thu Jan 31 20:44:55 PKT 2019] Domain resource successfully added. [Thu Jan 31 20:44:55 PKT 2019] Found domain api file: /root/.acme.sh/dnsapi/dns_linode.sh [Thu Jan 31 20:44:55 PKT 2019] Using Linode [Thu Jan 31 20:44:56 PKT 2019] Domain resource successfully added. [Thu Jan 31 20:44:56 PKT 2019] Sleep 3600 seconds for the txt records to take effect [Thu Jan 31 21:45:08 PKT 2019] Verifying: domain.tld [Thu Jan 31 21:45:09 PKT 2019] It seems the CA server is busy now, let's wait and retry. Sleeping 1 seconds. [Thu Jan 31 21:45:13 PKT 2019] Success [Thu Jan 31 21:45:13 PKT 2019] Verifying: *.domain.tld [Thu Jan 31 21:45:16 PKT 2019] Success [Thu Jan 31 21:45:16 PKT 2019] Removing DNS records. [Thu Jan 31 21:45:16 PKT 2019] Using Linode [Thu Jan 31 21:45:18 PKT 2019] Domain resource successfully deleted. [Thu Jan 31 21:45:18 PKT 2019] Using Linode [Thu Jan 31 21:45:20 PKT 2019] Domain resource successfully deleted. [Thu Jan 31 21:45:20 PKT 2019] Verify finished, start to sign. [Thu Jan 31 21:45:22 PKT 2019] Cert success. -----BEGIN CERTIFICATE----- [skipped] -----END CERTIFICATE----- [Thu Jan 31 21:45:22 PKT 2019] Your cert is in /root/.acme.sh/domain.tld/domain.tld.cer [Thu Jan 31 21:45:22 PKT 2019] Your cert key is in /root/.acme.sh/domain.tld/domain.tld.key [Thu Jan 31 21:45:22 PKT 2019] The intermediate CA cert is in /root/.acme.sh/domain.tld/ca.cer [Thu Jan 31 21:45:22 PKT 2019] And the full chain certs is there: /root/.acme.sh/domain.tld/fullchain.cer once finished you will have 3 files ready in $USER/.acme.sh directory I)/root/.acme.sh/domain.tld/domain.tld.cer II)/root/.acme.sh/domain.tld/domain.tld.key III) /root/.acme.sh/domain.tld/ca.cer 6) once completed, Open your ISPConfig admin panel, goto the Sites-> domain.tld ->Options -> Apache Directives Enter these lines in apache directives box. Code: SSLCertificateFile /root/.acme.sh/domain.tld/domain.tld.cer SSLCertificateKeyFile /root/.acme.sh/domain.tld/domain.tld.key SSLCertificateChainFile /root/.acme.sh/domain.tld/fullchain.cer Click Save . Once task Icon is gone , check any of the subdomain on your domain.tld to check and validate the certificate. 7) Next part is automate the acme.sh script using cronjob edit the crontab listing Code: 00 05 1 0,3,6,9 * acme.sh --force --issue --dns dns_linode -d domain.tld -d '*.domain.tld' --dnssleep 3600 My apologies, this crontab entry might not be the correct , as I haven't verified it yet on my system. Again, there might be better way to accomplish the same task, for me this is what I have working for me.You will have to take care of cronjob entry only, rest is fixed for the life of ISPConfig. Regards, Nasir Mahmood
Hi, i have SSL wildcard from COMODO, i install it correctly and ssl checker give me correct ssl config answer:https://www.sslshopper.com/ssl-checker.html#hostname=www.ppa.sk But cannot switch Rewrite HTTP to HTTPS, i give error of infinity bad loop, any explorer when i put domain direction with https redirect automatically to http. what happend? Whats is wrong?
