Own Letsencrypt ssl certificate for domain and any subdomains

Hi i have domain rhscz.ga, but i have own certificate for main domain which works great, but when i try to add same certificate (certificate includes *.rhscz.ga as Subject Alternative Name) to that subdomain, control panel absolutely ignores Subject Alternative Name in certificate and it write to me “The certificate uploaded is NOT for the domain name rhs.rhscz.ga (rhscz.ga was seen) .” But when i tested localy(on apache server) this certificate works( no errors in browser) for main domain and any subdomain i tested. You should fix this this issue(if i looked on to certificate and error which it wrotes i think it checks only for Common Name and not for Subject Alternative Name). Because it’s stupid to write domain and specific subdomains into certificate if i could do this unverisal for any subdomain. And its stupid to create certificate for each subdomain or create new certificate when i add some subdomain.
link for decrypted certificate

If you are trying to install a wildcard certificate, that will not work on free hosting.

1 Like

it says the subdomains are included?

Only the www subdomain is included for generation in the InfinityFree SSL certificate generation tool, but some other tools also permit you to generate Let’s Encrypt certificates for wildcard domains, which require you to verify your domain with a TXT record, and also are not supported for installation on free hosting. Installing certificates that aren’t wildcard certificates, but are trusted and not self-signed, is possible instead.


yeah i know you cant verify through TXT or AUTO but well… yeah

1 Like

but can admin request to ifastnet to get wildcard ssl?

i’m trying install original trusted certificate from letsencrypt, but i make certificate by certbot(localy with custom dns challenge, not from infinityfree client area). To obtain this certificate is little bit tricky but normally tested and works fine(locally on apache) but that stupid check only for Common Name defends me from using it. i have installed this trusted ceritficate on https://rhscz.ga, but cant install on subdomain.

You can replicate the same CNAME trick which our client area integration does as well. Although you’ll need to have a domain name with another DNS provider to do that.

Wildcard SSL in what way?

The current SSL/TLS tool still doesn’t allow you to upload SSL certificates to subdomains. Even if our SSL/TLS tool would correctly recognize wildcard certificates, you wouldn’t get any additional features compared to the single domain certificates we use now.

Also, the current SSL integration is intended as a temporary measure until we can bring free SSL to all domains. But I don’t know when that will be ready.

@rhsCZC I think the easiest solution here would be to just get a new certificate using our tool. VistaPanel is quite picky when it comes to private keys and SSL certificates, and if you use our panel, you can be sure that the private key and certificate you get actually work with the panel.

Also, I tried to look up your SSL certificate, but it doesn’t seem to be registered at all: crt.sh | %rhscz.ga


I don’t know why it’s not there, but when i go to my website( in any browser) under https it goes there normally without any error about certificate. but after search on transparency google it is there. Google Transparency Report

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.