Install SSL on A recored


I have SSL on main domain name

I add A record

sab A IPv4 is worked normally

But the SSL is not installed on sub.

I don’t need create subdomain

Any Idea?

I have SSL records for several sub domains. There are four important steps.
First, in your VPS host DNS Manager, the A record for the sub domain needs to point to the IP address for the main domain for example
sab A 123.456.789.123
Second, you need two CAA records pointing to letsencrypt dot org. The first CAA record should be issue (which covers the main domain). The second CAA record should be issuewild (which covers all sub domains – including your mail sub domain).
Third, in your Hestia User account for your main domain, create a new website, and save it.
Fourth, edit the sub-domain website and add a Lets Encrypt SSL certificate. If the DNS records are proper, you will get an SSL certificate for your sub domain. If not, then something is wrong with your DNS records – most likely the CAA records.

Thank you for your response.
I’ve found that the base script contains multiple stores with the same database of the base store.
All the sub stores are associated with *
I have added * as Aliase
All the stores worked fine while they weren’t working with A record before but the SSL certificate didn’t work on any of the sub-stores.
If you add a subdomain to any of the stores, the store in the database will not work, but Hestia default folders and files will be created for the new domains or subdomains and will not be able to read the stores from the databases.
So I need to add a SSL certificate for the existing stores that are read from the database by Aliase as well as any stores that are created in the future.

Solved by this steps:

Step one: add CAA
* CAA issue ""
@ CAA issue ""

Step two: Remove from Aliases and add *
Then Select all of:

  • Enable SSL for this domain
  • Use Lets Encrypt to obtain SSL certificate
  • Enable automatic HTTPS redirection
  • Enable HTTP Strict Transport Security (HSTS)


1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.