How does sub-servers work with wildcard certificates

Just a short question.
I like to order an digicert Wildcard certificate and wonder how it work to set it up (assign it) to the sub-servers?
Which steps are required to make this work?

Thanks, but the question was for a wildcard certificate.
I already know the general way, but wonder which setup-steps are needed for the subservers.
Are they the same as generally, but you always use the same certificate… or will virtualmin internally use a wildcard automatically for all subservers…etc.?!?

It should work the same way as it does with the LE certs. Some additional reading though not sure if still valid: SSL Certificate Installation - Webmin

I have a wildcard certificate (from Let’s Encrypt) for toxi.gen.in and everything is working fine. Obviously Virtualmin DNS is managing the DNS records for this domain.

Then I created a top level virtual server on the same Virtualmin box for a subdomain zoom.toxi.gen.in and Virtualmin + Let’s Encrypt worked together to use the same wildcard certificate on the subdomain under toxic.gen.in - I was quite please with this outcome but I do not know if the credit for it should go to Virtualmin for intelligently applying the wildcard to the subdomain or to Let’s Encrypt for intelligently issuing the original wildcard certificate for a subdomain.

I am aware of the fact that you are not using a Let’s Encrypt certificate but I thought this cool behaviour of Virtualmin + Let’s Encrypt might be interesting to you and others.

K, thanks for the information of your experiences with it.

I just created yoom.toxi.gen.in as a subserver under toxi.gen.in and the provisioning of the SSL was instant, without Virtualmin referring to Let’s Encrypt.

Like so

Adding new SSL virtual website ..
.. done

Based on this, I think you could buy a wildcard certificate and Virtualmin will understand it well enough to apply it to any sub-server that you create, if it is a subdomain of the wildcard enriched domain.

1 Like

That’s about Webmin and also not about Let’s Encrypt or wildcards.

I recommend against wildcard certs in the general case.

Virtualmin will not use the wildcard automatically (I don’t think, but calports post makes me think otherwise…I never use wildcards, so I haven’t actually done this). Virtualmin normally requests a new cert for sub-servers (which is generally better than using the same cert for everything). If you want to use your own cert (a wildcard, in this case), I think you’d need to switch off of the Let’s Encrypt cert and install your wildcard.

Or, just don’t do that. A wildcard is worse.