0

We build websites on SiteGround and have bumped into an issue with a client that has DNS and domain hosted at another (non-SiteGround) provider, with various services attached, such as FTP and email.

Typically we build the site, let's say for "example.com" and if DNS is external, we launch by asking the DNS manager to add an a record to the SiteGround IP. Historically, clients have done this by adding the 'a record' to the root, and then resolving 'www.' to the root, so that www and non-www are resolved to the SiteGround website.

It is in this context that we have always issued SSL certificates successfully from the SiteGround side, since SiteGround checks to see if traffic (non-www and www) is routed to their IP before issuing the cert.

NOW HERE IS MY ISSUE:

A recent client has said that they will only add the 'a record' for 'www.' and not for the non-www within DNS. They say this might break or cause issues with other services like FTP, etc.

I said "Okay" because sure, I will do whatever the clients wants, but SiteGround states that I cannot successfully issue an SSL from within their hosting panel when only the www is pointed to SiteGround and the non-www is NOT. They say this is not possible.

So my final question is: who is correct? SiteGround? Or the client's DNS manager who says I should be able to issue this cert just fine based on only his www 'a record'?

Daniel Schwindt
  • 3
  • 1
  • If I got this correctly, Sideground issues wildcard certificates `*.example.com`, while your client wants just a common name (cn) `www.example.com` on the ceritificate only? – Krackout Jul 17 '20 at 13:16
  • Actually SiteGround has the option to choose a "Let's Encrypt" SSL or a "Let's Encrypt Wildcard" SSL. In this particular case, I have been choosing the non-wildcard SSL option, and that is the option that cannot be completed per SiteGround unless the client points both www and non-www to the SiteGround IP. Basically trying to figure out if this is a SiteGround limitation, something that can be accomplished elsewhere, or just part of the way any CA works. – Daniel Schwindt Jul 17 '20 at 13:22
  • 2
    It's not possible for SiteGround because they choose not to do so. It's possible for everyone else. – Michael Hampton Jul 17 '20 at 14:08

1 Answers1

3

It must be a SiteGround policy. I haven't met such a restriction elsewhere. I suggest you issue the certificate yourself, if it's possible to install a certificate of your preference, not only the ones issued by them. You can even issue a free Let's encrypt certificate yourself, although it's got some procedure. Else buy one from another CA.

Krackout
  • 1,559
  • 6
  • 17