Let's Encrypt subdomains added on vhost.conf.master

Discussion in 'Tips/Tricks/Mods' started by texilee, Apr 29, 2022.

  1. texilee

    texilee New Member

    Hello guys,

    my edited vhost.conf.master contains some subdomains

    ServerName <tmpl_var name='domain'>
    ServerAlias staging.<tmpl_var name='domain'>
    ServerAlias search.<tmpl_var name='domain'>
    ServerAlias images.staging.<tmpl_var name='domain'>
    ServerAlias images.<tmpl_var name='domain'>

    If I flag the Let's Encrypt checkbox the SSL cert is valid only for domains and subdomain recorded on database ( domain and www[.]domain)

    Is there a way to add the missing subdomains automatically ? Off course I can solve by extending the cert using certbot client

    Thanks in advance
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Why edit the file? Why not add the subdomains in ISPConfig Panel?
    I believe this is intended behaviour. ISPConfig gets certificate for the domains and subdomains it knows about.
    My understanding is if you do this ISPConfig no longer renews the certificates automatically. Using certbot commands from the command line breaks ISPConfig as far as certificates go.
     
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    No, as they don't exist in ISPConfig and ISPConfig can only add subdomains to a cert that exist in ISPConfig as sub- or alias domains for the site. Instead of editing the vhost template, create the subdomains in ISPConfig, if you have to do that for many sites, use the ISPConfig remote API or write a ISPConfig interface plugin that adds them when you create a new site.
     
  4. texilee

    texilee New Member


    @Taleman because I have ~100 vhost using this subdomain list, plus some reverse proxy directives. About the certs renew it should works. I will follow Till suggestion about the interfaces plugin

    @till crystal clear, I'm going to check the docs then to write a plugin. The purpose is to let the customer add vhost by himself

    Thanks to both!
     

Share This Page