Let's Encrypt Certificate Sub-Domain - Main Domain Question

Discussion in 'Installation/Configuration' started by jtomelevage, Oct 15, 2019.

  1. jtomelevage

    jtomelevage New Member

    I've noticed that the Let's Encrypt certificates for our hosted domains have their certificate details indication a sub-domain and not the actual domain.
    Example: on MainDomain.com the certificate is showing for SubDomain.MainDomain.com
    The Sub-Domain is in fact a legitimate Sub-Domain, but on other servers we host the certificates are not done this way.
    Any ideas why this is, or is there a setting we need to make in ISPConfig?

    ISPConfig Version = ISPConfig 3.1dev

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    The cert contains all domains of the website automatically and the mail domain, the one that you enter in the domain field of the site, is given to certbot as first domain. Everything else is handled by certbot on its own and not related to ISPConfig.
  3. jtomelevage

    jtomelevage New Member

    Here is the behavior we are seeing:

    Create new Site domain in ISPConfig with Let's Encrypt option: MainDomain.com = Certificate is shown correctly MainDomain.com.
    Add a Sub-Domain (A) to above domain = Now certificate indicates Sub-DomainA.MainDomain.com.
    Add another Sub-Domain (B) to domain = Now certificate indicates SubDomainA.MainDomain.com

    Delete Sub-Domain (A) = Now certificate indicates SubDomainB.MainDomain.com

    Is this the expected behavior?
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    As said above, thats handled by Certbot internally and not ISPConfig. The only thing that matters is that the cert contains all domains and that's the case as far as I can see.

Share This Page