[Solved] SSL and SNI correct but Apache still uses server SSL certificate

jigster
I use webmail.domain.com for users to login to webmail. In /usr/local/directadmin/data/templates/custom/virtual_host2_secure.conf.CUSTOM.4.post I have
Code:
# Closes the domain's generated :443 vhost; the new vhost below is closed
# by the template's own trailing </VirtualHost>, so none is needed here.
</VirtualHost>
<VirtualHost |IP|:|PORT_443| |MULTI_IP|>
   # Webmail vhost for every domain, served from the shared Roundcube install
   ServerName webmail.|DOMAIN|
   ServerAdmin |ADMIN|
   DocumentRoot /var/www/html/roundcube

   # |CERT|, |KEY| and |CAROOT| are filled in by DirectAdmin with the
   # certificate chosen for this domain (per-domain cert, or server cert as fallback)
   SSLEngine on
   SSLCertificateFile |CERT|
   SSLCertificateKeyFile |KEY|
   |CAROOT|

   CustomLog /var/log/httpd/domains/|DOMAIN|.bytes bytes
   CustomLog /var/log/httpd/domains/|DOMAIN|.log combined
   ErrorLog /var/log/httpd/domains/|DOMAIN|.error.log
   <IfModule !mod_ruid2.c>
       SuexecUserGroup webapps webapps
   </IfModule>

This works correctly for all domains, EXCEPT where a domain uses external nameservers. The DNS at the nameservers is correctly set up to point 'webmail.domain.com' to the server IP. In DirectAdmin > Admin SSL I request a new SSL certificate for the domain, and the system log shows the certificate is issued for the subdomains pointing to my server:
Code:
LetsEncrypt(1926525): exit code: 0 for domain='domain.com'
Ssl::set_sni_domains:username,domain.com: removed mail.domain.com from snidomains
Ssl::set_sni_domains:username,domain.com: removed webmail.domain.com from snidomains
Ssl::set_sni_domains: swapping snidomains: mail.domain.com=(null) with mail.domain.com=username:domain.com
Ssl::set_sni_domains: swapping snidomains: webmail.domain.com=(null) with webmail.domain.com=username:domain.com

/etc/virtual/snidomains correctly lists both subdomains:
Code:
mail.domain.com:username:domain.com
webmail.domain.com:username:domain.com

But DA > Admin SSL says Valid=no for the certificate and shows it using the server certificate, not the one just issued.

And in DA > Custom HTTPD Configurations > httpd.conf for the domain, it shows the SSL cert for webmail.domain.com is still using the server certificate:

Code:
ServerName webmail.domain.com
...
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt.combined
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
...

All other domains httpd.conf have the domain certificate at /usr/local/directadmin/data/users/username/domains/domain.com.cert.combined

So how do I force that one domain to use the correct certificate? I have already tried re-requesting the certificate, rebuilding apache, rewriting apache conf files, restarting apache etc.

Any ideas? I really REALLY need to get this working! Thanks
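The mismatch described in this post (name present in /etc/virtual/snidomains, vhost still pointing at server.crt.combined) can be caught with a small audit script rather than by reading httpd.conf by hand. The following is an added example, not DirectAdmin's own code: it parses a snidomains file and a DirectAdmin-style user httpd.conf, derives the per-domain certificate path in the form quoted in the post (/usr/local/directadmin/data/users/USER/domains/DOMAIN.cert.combined), and reports every SNI name whose vhost uses a different file. The sample inputs are constructed for illustration; served_cert_sha256() is a live check that needs network access and is not exercised by the sample run.

```python
"""Audit DirectAdmin-generated Apache vhosts for SNI names that still serve
the server-wide certificate.  Added example, not DirectAdmin's own tooling;
paths follow the ones quoted in the forum post, sample inputs are constructed."""
import hashlib
import re
import socket
import ssl

# Server-wide fallback certificate, as quoted in the post
SERVER_CERT = "/etc/httpd/conf/ssl.crt/server.crt.combined"

# Per-domain certificate path layout, as quoted in the post (assumed stable)
DOMAIN_CERT_FMT = "/usr/local/directadmin/data/users/{user}/domains/{domain}.cert.combined"

VHOST_RE = re.compile(r"<VirtualHost\b[^>]*>(.*?)</VirtualHost>", re.S | re.I)


def parse_snidomains(text):
    """Parse 'hostname:username:domain' lines into {hostname: (username, domain)}."""
    mapping = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(":")
        if len(parts) != 3:
            continue  # ignore malformed lines instead of failing the whole audit
        host, user, domain = parts
        mapping[host.lower()] = (user, domain)
    return mapping


def parse_vhosts(conf):
    """Return [(server_name, {directive: first_value})] for each <VirtualHost> block."""
    vhosts = []
    for m in VHOST_RE.finditer(conf):
        directives = {}
        for line in m.group(1).splitlines():
            line = line.strip()
            if not line or line.startswith("#") or line.startswith("<"):
                continue  # skip comments and nested <IfModule>-style containers
            key, _, value = line.partition(" ")
            directives.setdefault(key, value.strip())
        name = directives.get("ServerName")
        if name:
            vhosts.append((name.lower(), directives))
    return vhosts


def find_mismatches(snidomains_text, httpd_conf):
    """List (hostname, expected_cert, actual_cert) for SNI names whose TLS vhost
    does not use the per-domain certificate DirectAdmin should have assigned."""
    sni = parse_snidomains(snidomains_text)
    problems = []
    for name, d in parse_vhosts(httpd_conf):
        if name not in sni or d.get("SSLEngine", "").lower() != "on":
            continue
        user, domain = sni[name]
        expected = DOMAIN_CERT_FMT.format(user=user, domain=domain)
        actual = d.get("SSLCertificateFile", "")
        if actual != expected:
            problems.append((name, expected, actual))
    return problems


def served_cert_sha256(host, ip, port=443, timeout=5):
    """Live check: connect to ip:port with SNI=host and return the SHA-256 of the
    leaf certificate Apache actually served.  Verification is disabled on purpose,
    because the point is to see the wrong certificate if that is what is served."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((ip, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return hashlib.sha256(tls.getpeercert(binary_form=True)).hexdigest()


# Constructed sample input mirroring the situation in the post
SAMPLE_SNIDOMAINS = """\
mail.domain.com:username:domain.com
webmail.domain.com:username:domain.com
www.other.com:bob:other.com
"""

SAMPLE_HTTPD_CONF = """\
<VirtualHost 192.0.2.10:443>
   ServerName www.other.com
   SSLEngine on
   SSLCertificateFile /usr/local/directadmin/data/users/bob/domains/other.com.cert.combined
   SSLCertificateKeyFile /usr/local/directadmin/data/users/bob/domains/other.com.key
</VirtualHost>
<VirtualHost 192.0.2.10:443>
   ServerName webmail.domain.com
   SSLEngine on
   SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt.combined
   SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
</VirtualHost>
"""

if __name__ == "__main__":
    for host, expected, actual in find_mismatches(SAMPLE_SNIDOMAINS, SAMPLE_HTTPD_CONF):
        tag = " (server-wide fallback)" if actual == SERVER_CERT else ""
        print(f"{host}: expected {expected}, got {actual}{tag}")
```

On a real box, feed it the contents of /etc/virtual/snidomains and /usr/local/directadmin/data/users/USER/httpd.conf, then confirm from the outside with served_cert_sha256("webmail.domain.com", "SERVER_IP") against the fingerprint of the per-domain .cert.combined file; a match from the live check is the only proof that Apache picked up the rewrite.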
 
If I modify /usr/local/directadmin/data/users/username/httpd.conf for the domain to use the correct certificate path at /usr/local/directadmin/data/users/username/domains/domain.com.cert.combined, https://webmail.domain.com works correctly. But this file will get overwritten upon apache updates/rewrites.

How do I get the change to stick? Or better, how to get Directadmin to use the correct certificate automatically for such domains, so no custom changes are needed?
 
After discussing with DirectAdmin, the solution was to go into User level > SSL Certificates > Get automatic certificate from ACME Provider, then create a cert for just the subdomains that resolve to this IP. Then everything worked as it should. Just in case anyone else ever needs this.
 