Letsencrypt certificates combined with other SSL for same account

pstoilov

Verified User
Joined
Apr 3, 2026
Messages
6
Hello guys,
First of all I am coming from cPanel with plans to migrate accounts to DirectAdmin and I am still in process of testing and researching.
Here is my specific question.
In cPanel we use certificates from a SSL provider which we install and they cover www.domain.tld and domain.tld. AutoSSL is disabled by default, but when you enable it for specific account it tries to secure all domains and subdomains except these which already has other SSL. In my example domain.tld and www.domain.tld are already secured.

What is my goal with DirectAdmin.
I already used this guide and created post scripts in order to set new accounts with SSL on, but ssl off for new domains. The idea is, that we are using external system which manages customers and using api to be able to install SSL for given domain, when that is needed and when we have control over this domain.

Now, I also set a global webmail.domain.com vhost configuration in /usr/local/directadmin/data/templates/custom/virtual_host2.conf.CUSTOM.4.post and /usr/local/directadmin/data/templates/custom/virtual_host2_secure.conf.CUSTOM.4.post.
Basically, I want every domain to be able to redirect webmail.domain.tld to https://my.server.tld/webmail, which is my roundcube URL.

My question is, am I be able to have SSL for domain and www.domain from one provider and in the same time, LE ssl for other domains or subdomains, also having the fact that webmail.domain.tld is not a real host/subdomain.

Thank you.
 
Hello,

Domains under the same user account might have certificates issued by different providers. Subdomains when added exactly as subdomains (vs an independent domain with its own public_html directory) inherit a certificate from a parent domain.
 
Hello,

Domains under the same user account might have certificates issued by different providers. Subdomains when added exactly as subdomains (vs an independent domain with its own public_html directory) inherit a certificate from a parent domain.
Hey, so in my case, if my SSL cover only domain and www.domain and I add sub.domain, it will trow certificate error and I will need wildcard certificate. My default way to add subdomains will be with independent public_html directory at /domains/sub.domain.tld/public_html and, if I do it this way, it returns SSL error.

I did another test. I have installed my SSL for domain and www.domain. After that via scripts installed LE for subdomain:
/usr/local/directadmin/scripts/letsencrypt.sh request mail.domain.tld 4096
Request was success and SSL files appeared in the domains folder, but certificate is not served. Because there is no such virtual host, it defaults to default server page and SSL. It also does not work when use this host in mail settings as IMAP/SMTP host.
When I install only LE for all domains and subdomains, it works.
 
When I install only LE for all domains and subdomains, it works.

When you create a certificate for mail.domain.tld (not existing in /etc/virtual/domains, /etc/virtual/domainowners) with the script in SSH, it gets created but never attached to any service. So you will need to create a subdomain mail.domain.tld in directadmin, and the certificate will get used.
 
Back
Top