Domain alias without ssl request

I have a project where i want to mange multiple domains from single codebase on code level. Now i have a base or primary domain and i want to add around 100 domain aliases. I have option to add these one by one and this is the best way for me. However i am adding them quickly i.e. within one day but everytime i add a new alias it will trigger an ssl certificate. As letsencrypt has a rate limit this will create a problem. What i want is to add domain aliases and request ssl certificate once i have added the required domains. This will be done by a non technical guy so i have to rely on the interface i.e. no scripts etc. so how can i do this?

SYSTEM INFORMATION
OS type and version ubuntu 24.04
Virtualmin version 7.30.3

Hello,

It seems you could utilize the wildcard certificate option, which is described in more detail here:

Only if DNS is being managed by Virtualmin.

no in my current setup DNS is managed by Cloudflare

Adding ssl is not a problem. I want to avoid letsencrypt rate limit as i am adding a lot of domains as alias to a main domain quickly and adding each alias will request a new ssl.

I thought there was an option somewhere I cannot remember where to turn off the LE request temporarily - there must be some way of preventing that going out but I’m unsure of exactly how.

i guess i have to disable the auto request option and manually request the certificate after adding all domains? SS attached.

2 Likes

I’m not sure if that will prevent domains that already have a Let’s Encrypt certificate from fetching a new one when you change it in such a way that it needs a new one (like adding an alias). We just never thought about a situation where adding a gazillion aliases one at a time would happen, so I’m not sure there’s any path to get there easily.

But, it’s definitely worth a try. So, yeah, try disabling that and see if adding an alias continues to automatically regenerate the certificate for the parent.

I have to admit I was thinking more of an action within the codebase (somewhere the cert is being requested) rather than a specific option in the system. - but whatever works.

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.