Unable to setup SSL correctly with VestaCP


#1

Hello,

Last few days I’ve been struggling to setup SSL for my new server.

I tried multiple things for generating the CSR:

If there is any other information you would like to know please let me know.

Thank you.


#2

A lot of info there! Without digging too deeply into it, could it be to do with the fact that the Universal SSL certificates only cover *.yourdomain.com, but not *. *.yourdomain.com.

i.e. it covers {REDACTED} but not {REDACTED} .

Even if you add that to the origin cert, as it appears you have done, it doesn’t add it to the Universal Certificate. You would need to buy a dedicated certificate for that.


#3

That makes sense, however I can’t confirm this fact you state about Universal SSL certificates coverage.

From the Help:
Hosts: Hosts is the set of hostnames covered by the certificates in the certificate pack. For custom and Keyless certificate packs, the set of hostnames is determined by the hostnames present in the common name (CN) and subject alternative name (SAN) fields on the first certificate added to the pack.


#4

Is this what you mean?


#5

Yes, thank you.


#6

Please delete this topic as it might contain sensitive information.


#7

You can withdraw your original post or Redact sensitive info (edit pencil icon) and I will Redact anything sensitive in mine.


#8

Apparently I can’t because of the level of my account (neither editing or withdrawing the post).


#9

I’m surprised you can’t edit! I don’t ever remember not having that functionality… You will have to wait for a mod to come on to react the sensitive into then.

@cloonan!!