SSL not working for CNAME records

We have vitualmin GPL installed for one of our client and have setup tracking link for their application. this application required SSL but tracking link we setup ( it’s a CNAME record ) does not working on SSL and showing error.

We try all the possible solution like adding this tracking hosting name or using wild card in SSL setup page. But it doesn’t work.

when we are checking our ssl with an online ssl check , it is showing following problem

None of the common names in the certificate match the name that was entered

the ssl is working fine with the main domain but not with the tracking domain pointed on CNAME host.

Let’s try to find the solution.

1 Like

I use vultr for dns and the cname all addresses with a * on the domain and I’ve never had a issue.
If your using a absolute address make sure you have a dot at the end else just use the name before the domain like www, show this in the screen shot.

Vultr won’t allow a dot in the name section

BTW I have services been slow to pickup the change due to dns cache.
Use https://dnschecker.org/ to see if its propagating ok.

it is not about the CNAME but about the SSL not working for CNAME records.

cname should not make a difference, I use cname addresses all the time and have not issue with lets encrypt.

avoid wildcards and add all addresses here

I don’t see a wildcard option anymore, are you using webmin?

we are using httpd (apache) , does it make sense to use NGINX instead to resolve this issue? I have triad to do as per your instruction but still not succeed. main domain works well with SSL but CNAME dns does not.

I’ve never used NGINX, that not the solution.

It’s not the CNAME record which is needed for SSL But it’s the “A” Record. Is it correctly Setup ?

If you could Show us the Picture of your records it may help.

Concerning SSL: NGINX or Apache doesn’t change anything.

1 Like

I have solved this by adding sub-domain as virtual server & use proxy path to redirect to the destination domain, instead of using CNAME.

This has solved our issue.

It seems cPanel generates it’s SSLs including the CNAME and A records entries. but Virtualmin looks like it only generates entries in the Certificate if they are A records.

Your comment give us right direction to solve this. Thanks @Tactikast