logo
Apache Lounge
Webmasters

 


About

Forum Index Downloads Search Register Log in  RSS Apache Lounge
 


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Apache Lounge is not sponsored.

Your donations will help to keep this site alive and well, and continuing building binaries.



Mod_md and wildcard for two domains

 
Post new topic   Reply to topic    Apache Forum Index -> Apache third-party Modules



View previous topic :: View next topic  
Author Message
bagu



Joined: 06 Jan 2011
Posts: 150
Location: France

PostPosted: Sat 14 Sep '19 20:32    Post subject: Mod_md and wildcard for two domains Reply with quote

Hello,

I wonder if it's possible to have a wildcard certificate for two domains with mod_md.

I ask this because i have an hmailserver installation with only one certificate for *.bagu.fr and *.bagu.biz witch allow me to have smtp.bagu.fr and other things like that without having the need to have these subdomains responding with apache. (dns only)

But this certificate is renew every 3 month manually...

Waste of time.

If i could have only one wildcard certificate with mod_md, i could do this automatically.

Can you help me to do this ?
Thanks
Back to top
glsmith
Moderator


Joined: 16 Oct 2007
Posts: 2203
Location: Sun Diego, USA

PostPosted: Tue 17 Sep '19 23:10    Post subject: Reply with quote

The problem is that wildcards can only be obtained through txt records in DNS. In most cases, automating this part cannot be done. [1]

I have two wildcards, yes every 3 months I have to do it manually, but for the luxury of being able to use the wildcards, I can handle doing it 4 times a year. I have done it now 4 or 5 times now and just this past week it took me all of 10 minutes in total to do, and most of that time was waiting for TTLs.

[1] However, see the post by danb35 at https://community.letsencrypt.org/t/wildcard-certificates-and-http-challenge/102060

I have not tried it so I cannot say it actually works.
Back to top
bagu



Joined: 06 Jan 2011
Posts: 150
Location: France

PostPosted: Thu 19 Sep '19 15:17    Post subject: Reply with quote

Hello,

I ended up doing otherwise.

I changed the MX of bagu.fr to point to bagu.biz (rdns name of my ip address)
So I only need a certificate for bagu.biz

However, when I put this certificate on the hMailServer mail server, I can not connect.

The SSL session fails.

So my question is: is there something different between the certificate generated by mod_md and my cacert certificate used for my mail server ?
knowing that this is the only difference between a configuration that works and one that does not work)

Thanks a lot
Back to top


Post new topic   Reply to topic    Apache Forum Index -> Apache third-party Modules
Page 1 of 1