Aspegic
Verified User
- Joined
- Aug 4, 2005
- Messages
- 282
The problem:
When a browser requests the certificate for the main domain colorbase.com, it returns the correct Let's encrypt certificate.
But if the browser requests the certificate for any subdomain, instead of the Let's encrypt certificate, DirectAdmin returns its own default self-signed certificate.
This stopped working about a week ago, it used to work fine for over 2 years. I have no idea what changed.
I verified that Let's Encrypt is installed and working correctly.
letsencrypt=1, dns_ttl=1, mail_sni=1 and secure_access_group=access are all present in Directadmin.conf
I can execute a new certificate request and Let's Encrypt will return a new certificate as expected. Yes, I made sure that the "Wildcard" checkbox was checked. That is also confirmed on the SSL Certificates page in DirectAdmin, that the certificate is valid for both the main domain as well as for wildcard domains "*".
I think the problem is not with Let's Encrypt, but I am not 100% sure. It seems more like a DirectAdmin/Apache/Nginx problem.
I do not know why DirectAdmin returns its own default self-signed certificate for all sub-domains, instead of the Let's Encrypt one. That's what I can't figure out.
Does anyone have an idea what could be wrong?
PS. I discovered that the www subdomain does return the correct Let's Encrypt certificate. But that's the only subdomain name that seems to be working correctly.
When a browser requests the certificate for the main domain colorbase.com, it returns the correct Let's encrypt certificate.
But if the browser requests the certificate for any subdomain, instead of the Let's encrypt certificate, DirectAdmin returns its own default self-signed certificate.
This stopped working about a week ago, it used to work fine for over 2 years. I have no idea what changed.
I verified that Let's Encrypt is installed and working correctly.
letsencrypt=1, dns_ttl=1, mail_sni=1 and secure_access_group=access are all present in Directadmin.conf
I can execute a new certificate request and Let's Encrypt will return a new certificate as expected. Yes, I made sure that the "Wildcard" checkbox was checked. That is also confirmed on the SSL Certificates page in DirectAdmin, that the certificate is valid for both the main domain as well as for wildcard domains "*".
I think the problem is not with Let's Encrypt, but I am not 100% sure. It seems more like a DirectAdmin/Apache/Nginx problem.
I do not know why DirectAdmin returns its own default self-signed certificate for all sub-domains, instead of the Let's Encrypt one. That's what I can't figure out.
Does anyone have an idea what could be wrong?
PS. I discovered that the www subdomain does return the correct Let's Encrypt certificate. But that's the only subdomain name that seems to be working correctly.
Last edited: