Install SSL on A recored

MR.Dev · July 27, 2022, 8:35pm

Hello,

I have SSL on main domain name

I add A record

sab A IPv4

sab.domain.com is worked normally

But the SSL is not installed on sub.

I don’t need create subdomain

Any Idea?

David-Spring · July 28, 2022, 1:03pm

I have SSL records for several sub domains. There are four important steps.
First, in your VPS host DNS Manager, the A record for the sub domain needs to point to the IP address for the main domain for example
sab A 123.456.789.123
Second, you need two CAA records pointing to letsencrypt dot org. The first CAA record should be issue (which covers the main domain). The second CAA record should be issuewild (which covers all sub domains – including your mail sub domain).
Third, in your Hestia User account for your main domain, create a new website, sab.domain.com and save it.
Fourth, edit the sub-domain website and add a Lets Encrypt SSL certificate. If the DNS records are proper, you will get an SSL certificate for your sub domain. If not, then something is wrong with your DNS records – most likely the CAA records.

MR.Dev · July 28, 2022, 1:29pm

Thank you for your response.
I’ve found that the base script contains multiple stores with the same database of the base store.
All the sub stores are associated with *.domain.com
I have added *.domain.com as Aliase
All the stores worked fine while they weren’t working with A record before but the SSL certificate didn’t work on any of the sub-stores.
If you add a subdomain to any of the stores, the store in the database will not work, but Hestia default folders and files will be created for the new domains or subdomains and will not be able to read the stores from the databases.
So I need to add a SSL certificate for the existing stores that are read from the database by Aliase as well as any stores that are created in the future.

MR.Dev · July 28, 2022, 3:38pm

Solved by this steps:

Step one: add CAA
* CAA issue "letsencrypt.org"
@ CAA issue "letsencrypt.org"

Step two: Remove www.domain.com from Aliases and add *.domain.com
Then Select all of:

Enable SSL for this domain
Use Lets Encrypt to obtain SSL certificate
Enable automatic HTTPS redirection
Enable HTTP Strict Transport Security (HSTS)

Save

system · August 27, 2022, 3:38pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.