I have created an alternate domain for my website (making sure my trading name has a registered name as well as my ltd company).
This domain is just going to ALIAS point at my existing domain via the registrar, and in fact I’ve already done that. Now I just need the certificate updating, since the url obviously is different, I’ll need a new one to cope.
Before I go ahead and renew my existing certificate in order to change my certificate - my question is, does InfinityFree permit the uploading of certificates that have more than one domain name in them? I know multiple subdomains, and/or wildcards are permitted (even if not issued by Infinity, you can still paste them in) but are multiple domains also permitted (if not able to create them, I’m not bothered, so long as I can paste it in)?
So what do you mean by this, unable to understand (me)?
From what I know, it is not allowed (except www and non-www). But if you have many domains in the account, you can alter SSL certificates for each one of them.
thebotfactory.net & www.thebotfactory.net & *.thebotfactory.net (these three are in the same certificate, issued by Let’s Encrypt and uploaded onto my control panell, including the wildcard, and it works).
I would like to add parked domains onto this same certificate so they all work for my website. So it would look like this:
thebotfactory.net & www.thebotfactory.net & *.thebotfactory.net
blantyrebotanicals.ga & www.blantyrebotanicals.ga & *.blantyrebotanicals.ga (these six are in the same certificate, will it work)
@BlantyreBotanicals, you can park domains, but not include them in the same certificate. Create another certificate for the parked domain names. That was you can park and secure the same page!
Ok, so have you added the parked domain to your account? If so, you should just get a certificate from the panel – but please use Let’s Encrypt. Go to https://app.infinityfree.net/ssls and follow the issuance process.
If you have bought your own certificate the Common Name (CN) MUST equivalent to its respective top-level-domain. Additionally, wildcard SSL is not allowed because it isn’t (dunno why).
The control panel only looks at the Common Name in the certificate, which must match the domain name exactly.
It’s fine if your certificate has other domains in the SAN field, the control panel will just accept it. But only if the Common Name matches. If the domain is in the SAN field, but the common name field is different (or empty), the control panel will not accept the certificate.
So you will need separate certificates for every domain name you host. You can’t use one wildcard or multi domain cert and just lump everything in there.
Thanks - I think you’re saying what I propose will work then, as long as I dont go through infinity but still use lets encrupt… since I have wildcard domain now on a free account (I didn’t go through Infinity to obtain my cert) and infinity accepts the wildcard, just cant order one with a wildcard via the cPanel
Can I add a certificate for each parked domain? Okay that solves ecerything - I was assuming I could only have one SSL certificate per cPanel. So if you parked 100 domains you still only had 1 SSL cert. Thanks!
No way would that work! An SSL certificate is to prove the identity of your website to a remote computer (Kind of like your ID proves your identity while driving). Similar to how ID’s work in real life, a certificate can only be for one domain (Just like an ID can only be for one person). It wouldn’t make sense if one ID could count for your entire extended family, just like it wouldn’t make sense if an SSL certificate would count for multiple domains. I hope that analogy helped
In short, each domain needs its own SSL to prove its identity.
One Cert/Key pair, with five domains and their wildcard subdomains. Installing cert onto Infinity now (I parked them just for this test)
(Oh, yes, .tk is not parked as it’s not allowed, I used an althernate DNS to verify this domain’s acme authentication - I’ve added it just as a test to see if it’s inclusion in the infinity upload breaks it, and I’ll go again with it removed if it does)
So, if you go to https://g729.ga you will see that the certificate there is issued to four other domain names as well… G729.ga is marked as the primary domain, and upload was permitted onto infinityfree cPanel.
However, when I attempted to upload this certificate onto one of the other parked domains, it didn’t let me as it says that it detected a different URL.
It’s not that strange of a thought. Multi Domain Certificates have existed for a very long time, and if you had a free Cloudflare site it used to be that your domain was put in a big multi domain cert with many other domains from other people. Let’s Encrypt also supports multi domain certificates with up to 100 domains per certificate.
So it’s definitely possible to have all domains on an account in a single certificate. It’s definitely unconventional, but not impossible.
That’s what I was referring to when I said that the Common Name needs to match.
What’s the point of offering to park domains if you can’t subsequently use them (unsecured)
