: Is it normal for SSL certificates to be inaccurate for newly created subdomains on shared hosting? We created a bunch of subdomains on our shared hosting account for testing and noted that:
We created a bunch of subdomains on our shared hosting account for testing and noted that:
a) For the first few minutes of the subdomains life, the SSL certificate being served was for a completely different domain, not even one owned by us or added to our hosting account
b) For some subdomains, the SSL certificate being served was and still is for a different subdomain (another one of ours)
Upon asking tech support, they said "that is how SANS certificate works".
This seems somewhat suspicious and now I'm worried about continuing with this host, because an SSL issue later could come back to bite me. What are everyone's thoughts on this? Anyone experience similar issues?
Update: Confirmed that the first issue (cert issued to xyz.com being served for sub.mydomain.com for a brief period after creation) also occurs on another host. This other host does not use Let's Encrypt, and instead uses cPanel self-signed certificates. I'm starting to think this is a cPanel bug (whatever handles assigning certificates to subdomains automatically). One server has apache and the other litespeed. The cPanel versions in both hosts are 62.0.20 and 64.0.15.
More posts by @Cody1181609
1 Comments
Sorted by latest first Latest Oldest Best
It is not surprising to me that it takes a few minutes to set up an SSL certificate correctly and that some other certificate is served until it is properly set up.
When there is no SSL virtual host configuration for a domain, Apache falls back to the default site. That would explain why there is some other certificate initially while your subdomain is being set up. It isn't anything to worry about. New subdomains shouldn't get traffic right away. Just make sure it is properly set up by the time users see it.
It is possible that "that is how SAN certificate works" means that your host is getting a single certificate that covers multiple subdomains. If that is the case, that is also fine. The certificate will list one subdomain as the "main" subdomain, but it will work for all the listed subdomains. Having multiple subdomains covered in a single certificate is absolutely fine. Here is an example from digicert:
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.