- Plesk for Linux
A wildcard certificate is issued for example.com with 'secure www' option enabled. alias.com is added to the list of issued certificates.
On opening https://www.alias.com, a warning about incorrect certificate is shown:
PLESK_WARN: HSTS warning - incorrect cert
"www" of domain alias is not added to SANs list and therefore is not secured by Wildcard certificate. This is Let's Encrypt extension bug with ID EXTLETSENC-568 which is planned to be fixed in future updates.
As a workaround:
- Go to "Plesk > Domains > example.com > Let's Encrypt" and issue a wildcard certificate _without_ including the aliases. As a result, a certificate which secures "example.com" and " * .example.com" will be obtained.
- Go to "Plesk > Domains > example.com > SSL/TLS Certificates > Lets Encrypt example.com" and rename it to the other one, e.g. to "Wildcard example.com". Press the "Rename" button.
- Go to "Plesk > Domains > example.com > Let's Encrypt" and issue an ordinary (non-wildcard) certificate with marked "Include a "www" subdomain for the domain and each selected alias" and "Secure webmail on this domain" checkboxes and added all aliases to the right-side list. As a result, will be obtained a certificate for "example.com", "www.example.com", "alias.com", "www.alias.com", etc aliases.
- Go to "Plesk > Domains > one.example.com > Hosting Settings" and select a "Wildcard example.com (one.example.com)"certificate. Repeat this step for each subdomain.