Easiest way to set up ssl

I’m finally taking the time to secure all my sites with https but it’s more difficult than I thought, and all these security things are pretty new to me.

My setup:

  • One main virtual server (empty, I use it for the hostname only) and many sub-servers (domain1.com, domain2.com…)
  • Each sub-server runs behind Cloudflare

Ideally, I would like to be able to encrypt all my subservers at once, if it’s possible. I’m just looking for the most simple way, without buying a certificate if possible.

1/ I first tried to use the let’s encrypt option in Virtualmin for my main Virtual server, and listed all my subservers in the “domain names” field, but I ran into errors like

. request failed : Web-based validation failed : Failed to request certificate : domain2.com challenge did not pass: Invalid response from https://domain2.com/.well-known/acme-challenge/

I was not able to solve these errors.

2/ I then saw that for websites running behind Cloudflare, Let’s encrypt recommends not to use Let’s encrypt (https://community.letsencrypt.org/t/how-to-get-a-lets-encrypt-certificate-while-using-cloudflare/6338?u=pfg) but to use Cloudflare CA Origin, which I did. I can generate a single certificate for all of my subdomains but I’d like to know, do I have to enable SSL in Virtualmin and edit my apache conf files with the certificate path for all subdomains, or is there an easier way to do that?

So what’s the easiest way for you? Am I missing a Virtualmin feature that would make my life simpler?

Why use sub servers instead of virtual servers?

Are you wanting these as the equivalent of cpanel addon domains?