0

For example I have a domain www.store.com which provides sub stores to clients as subdomains client1.store.com, client2.store.com etc..I am using wildcard ssl certificate for store.com and all subdomains.

My client store 1, has a main site and they provide their store site as store.clientsite.com which displays our subdomain for the client. They add a CNAME record in their DNS for store.clientsite.com with alias as client1.store.com.

In my store.com site for the subdomain client1.store.com we add in apache config, Server as client1.store.com and Server Alias as store.clientsite.com in the apache config.

It works perfectly as http://store.clientsite.com, but with https://store.clientsite.com the browser is displaying a warning. The client has tried it with no ssl added and with wild card SSL added. Both gives same result.

If we need to display the https:// site by Redirect permanent / https://client1.store.com/ the http://store.clientsite.com url gets redirected to https://client1.store.com. So it is not possible.

How is it possible to display https://store.clientsite.com with CNAME alias client1.store.com without displaying browser warning and in https://.

Help requested from experts.

Pamela
  • 101
  • 1
    Possible duplicate of [Do I need a separate SSL certificate for a DNS redirect?](https://serverfault.com/questions/765913/do-i-need-a-separate-ssl-certificate-for-a-dns-redirect), [SSL Certificate on CNAME](https://serverfault.com/questions/644577/ssl-certificate-on-cname). In short: you need a certificate for what is shown as URL in the browser and not what a CNAME might resolve too. – Steffen Ullrich Jul 10 '19 at 06:35
  • @Steffen Ullrich As i have pointed out in my post, the clients tried with wildcard ssl too for the subdomain of my client store which alias to my subdomain store for the client. So the URL indeed has a certificate. – Pamela Jul 10 '19 at 06:48
  • 1
    You specifically ask *"How is it possible to display https://store.clientsite.com with CNAME alias client1.store.com without displaying browser warning and in https://."* and the answer is: by having a certificate for `store.clientsite.com` at this place since this is what is shown in the URL and this must therefore in the certificate. CNAME or A record or whatever at the DNS level not does not matter, all what matters is what is shown in the URL. – Steffen Ullrich Jul 10 '19 at 07:02
  • @SteffenUllrich Yes, i tried it and it works. Thank you so much for your assistance and providing appropriate link. But issue is in creating certificates for clients at their end and storing it in my server. For Letsencrypt we have to repeat the whole process once in 90 days. Is there any solution for that ??? – Pamela Jul 10 '19 at 07:33
  • 1
    Create a separate question, please. No one would provide an answer to a completely different question via comments. – Pothi Kalimuthu Jul 10 '19 at 08:44

0 Answers0