Quick remedies to Multi-level subdomain wildcard SSL

Table of Contents

Securing a single website with an SSL certificate is pretty simple.

But, it’s complicated in the case of multi-level subdomains (for eg: new.blog.domain.com).

Here comes the role of the wildcard SSL certificate, one of the security solution for websites with multi-level subdomains.

At 1 onlyhost , we often get requests from our customers to set up “Multi-level subdomain wildcard SSL” as part of our Server Management Services.

Today, we’ll see how our Support Engineers configure “Multi-level subdomain wildcard SSL” and fix the related issues with it.

 

 

How to set up Multi-level subdomain wildcard SSL

Let’s see the requirements for setting wildcard SSL on the multi-level subdomain.

We do the following steps.

1. Initially, we access the terminal.

2. Next, we run the command to generate CSR (Certificate Signing Request).

openssl req –new –newkey rsa:2048 –nodes –keyout servername.key –out servername.csr

3. Then, we enter the details of the multi-level subdomain (*.*.domain.com), organization, etc.

4. We download the Private Key along with the CSR file.

5. Next, we open the Apache configuration file /etc/httpd/httpd.conf & add the following code to configure.

<VirtualHost x.x.x.x:443>
DocumentRoot /var/www/html
ServerName www.yourdomain.com
SSLEngine on
SSLCertificateFile /path/to/your_domain_name.crt
SSLCertificateKeyFile /path/to/your_private.key
SSLCertificateChainFile /path/to/intermediate_certificate.crt
</VirtualHost>

6. Finally, we restart the services.

That’s how we install the wildcard SSL certificate on the multi-level subdomain.

 

Top 2 causes & fixes in Multi-level subdomain wildcard SSL

Even after setting up the wildcard SSL certificate in second-level subdomains, we often see some errors.

Let’s see how our Support Engineers solved them.

1. SAN certificate issue

Recently, one of our customers had reported us with a problem regarding wildcard SSL certificate on the multi-level subdomain. After installing wildcard SSL & when he tried to access “https://www.sub.domain.com” it resulted in certificate error(address miss match).

So, we took the following steps to solve the problem.

1. First, we opened the terminal.

2. We run the following command to view the content in human-readable form.

openssl x509 -in certificate.crt -noout -text

3. Next, we navigate to see the SAN field entry X509v3 Subject Alternative Name

4. By analyzing, we found that the SAN field entry was not present for the corresponding subdomain *.sub.domain.com

5. So, we asked them to purchase a new wildcard SAN cert from the Certificate Authority.

Wildcard certificate issued for the multi-level subdomain (*.sub.domain.com) won’t secure the main domain (domain.com) by default. To secure the main domain you need to purchase the SAN certificate.

Now, the user could access the multi-level subdomain without any errors.

 

2. Multi-level subdomain wildcard not supported in AWS

AWS Certificate manager (ACM) allows to use an asterisk (*) in the domain name to create a wildcard certificate that protects several sites in the same subdomain. For example, *.domain.com protects www.domain.com and images.domain.com.

However, ACM doesn’t support to add two level wildcard domain name. When you try to add, it gives an error like “invalid domain name”.

So, to solve this problem our Technical Team asked the users to purchase SAN certificate on the main domain and add each multi-level subdomain to the same cert.

That’s how our Support Engineers fixed the problems with multi-level subdomain wildcard SSL.

 

[Having trouble with multi-level subdomain wildcard SSL? We’ll fix it for you.]

 

 

Conclusion

To be more precise, with multi-level wildcard SSL certificates securing second-level subdomain becomes easier. Today, we saw the top 2 common errors with it and how our Support Engineers fixed them.

Leave a Comment

Your email address will not be published. Required fields are marked *

Social Share

Facebook
Twitter
LinkedIn
Telegram

Cheapest Web Hosting

Fasters Web Hosting Promo
Scroll to Top

Launch your Website at RS599

Create a professional website yourself with our domain hosting combo. Get Extra benefits at this Year end Sale with 10% OFF and Enjoy Amazing Deels on Shared Hosting!

Starting at Only RS599/Year

Year End Sale

Hours
Minutes
Seconds

Use Code STARTBIZ at Checkout.

Create an earning opportunity with A Web Hosting Business

Become reseller and start reselling domains, web hosting, ssl certificates and More.

45% OFF

Starting at RS399/Month

Hours
Minutes
Seconds

Use coupon: at the checkout.