LetsEncrypt on Subdomain


#1

I’m having issues trying to get LetsEncrypt working on a subdomain with EE. I have 2 domains set up:

  1. example.com
  2. sub.example.com

Running this ee site update example.com --letsencrypt works just fine.

However, running this for the sub-domain returns the following error (and yes, DNS records are pointing correctly.

Unable to setup, Let's Encrypt

Please make sure that your site is pointed to same server on which you are running Let's Encrypt Client to allow it to verify the site automatically.

How can I make this work? One idea I have is to edit sub.example.com in EE to point to the CERT which was assigned to the main example.com site. Any suggestions? Is this a bug? (considering this is still in BETA)


#2

I have plenty of subdomains, spread across several servers, and never had such kind of issue.

What did you do to make sure the DNSs are all pointing to correct IPs?


#3

I don’t know which DNS provider you are using, but you should also have www.sub.examle.com on your DNS record in order to use Let’s Encrypt on a sub domain. I did this with cloudflare DNS and it worked.

To make it short, make sure you have following records.

  1. sub.example.com
  2. www.sub.example.com (which you just need for LE to work, you may keep the record in case LE can’t update the cert.)

then run the command

ee site update sub.example.com --letsencrypt

How to renew let's encrypt ssl?
#4

[quote=“jpuser, post:3, topic:6112, full:true”]…you should also have www.sub.examle.com on your DNS record in order to use Let’s Encrypt on a sub domain. I did this with cloudflare DNS and it worked. [/quote]

This is a great suggestion. I do not have www.sub.example.com set up in the DNS settings. I didn’t know LE would check for that when it is already a subdomain to begin with. I’m setting it now and will let you know if that fixes it.

SUCCESS!

Thank you @jpuser


#5

Thanks, I would have never figured out that was the issue.


#6

While this thread is aging gracefully, this thread feels like the right place to add a similar Google related issue and fix. So, a preemptive apology may be in order, for reviving this post. Sorry!

While this issue is likely common for many WordPress installs on subdomains, this issue presents itself on WordPress subdomain installs, hosted by Google’s Cloud Console (Compute/Container Engine).

Correcting this issue may not be difficult, but can be a little funky when using Google Domains. So I’ve attached a screenshot of the settings used to make this work for our client(s).

DISCLAIMER: This works on Google Domains, but isn’t necessarily how other DNS providers work.


#7

Thanks for posting this, the www.sub.domain.com trick worked for me also!!


#8

Hey there, Thank you for this, I was looking for a similar solution. So, just to confirm, I need to create two A records in Cloudflare (with an Orange Cloud) for www.sub and sub and point them to my server’s IP, correct?


#9