How to install Let's Encrypt certificate for domain alias?
Domain alias support was added in Let’s Encrypt version 2.0.0. It is not possible to secure only domain alias with a certificate without securing main domain. But it is possible to create a new Let's Encrypt certificate having specified aliases to secure during the certificate creation.
First, install Let's Encrypt from Extensions catalog if it is not yet installed.
Then create a new certificate:
- Go to Websites & Domains > Let's Encrypt.
- Specify the email address that will be used for urgent notices and lost key recovery. By default, the email address of the subscription owner is used.
- Specify if you want to include an alternative domain name for the domain and each selected alias, for example:
www.example.comfor example.com. We recommend that you select this checkbox.
- Specify if you want to include webmail, for example:
webmail.example.com. We recommend that you select this checkbox.
- If there are domain aliases, select the ones that you want to include in the certificate.
- Click Install to get and install the Let's Encrypt certificate for the subscription.
Finally, secure the main website with it's aliases:
- Go to Websites & Domains and click Hosting Settings.
- Select the SSL/TLS support checkbox.
- Select the Let's Encrypt certificate you have just received from the Certificate menu, and click OK.
To secure a domain alias with a certificate purchased from one of the certificate authorities, contact the certificate provider in order to add the alias name to the certificate as the subject alternative name (or SAN). Then, secure the main domain with this certificate as described in the article How to install SSL certificate for a domain in Plesk.