Unable to share a wildcard SSL cert with multiple subdomains

  • Note! I’ve now created a bug report in the issue tracking system.


I’m trying to share a self-signed wildcard cert among multiple subdomains which were created as “Top-level server” and not “Sub-server” as I want to separate the sites. All sites run on the same IP address.

I have a “root domain” called domain.com which has a *.domain.com wildcard cert. I can then create a new “Top-level server” called e.g. sub1.domain.com and enable SSL and it works. When I go to Server Configuration - Manage SSL Certificate it says “This virtual server shares its SSL certificate with domain.com, so it cannot be edited on this page. Use its Manage SSL Certificate page to change SSL settings.”. Very nice!

The trouble starts when I try to enable SSL on another subdomain. This message is shown:
“The following potention problems were detected with the creation of this virtual server :
SSL cannot be enabled for more than one domain on the IP address x.x.x.x unless a virtual IP interface or private port is enabled, or the certificate can be used for this domain. The current certificate is only valid for :
Are you sure you want to continue?”

I censored the IP address above but as you can see, it won’t use the same cert as for domain.com and also “current certificate” is empty. Strange, right?

I wish I knew how to debug this issue to be able to provide you with more useful info. Can anyone point me in the right direction? I’m running Virtualmin 3.80 gpl on Debian Lenny.