Managing Domains & Certificates

djx · October 7, 2019, 4:20am

NethServer Version: 7.6
Module: all

Sorry for the beginner question, but I’m just getting started with Nethserver. I understand that it’s designed to support many scenarios, but mine is intended to be a bit simple. Basically, I just want to host my Nextcloud, e-mail, and XMPP server on one box.

The first hiccup came when it requires that the FQDN has a subdomain (e.g. sub .domain .com) even though I intend for my server to sit at (domain .com).

Because the configuration forced me to treat it as a subdomain, I put WWW. This caused the LE certificate to only be issued to www. domain. com, which breaks other applications (like XMPP) which expect the certificate to list domain.com.

After many searches I found some references talking about manually typing in domains when requesting a certificate, and found that under Configuration > Server Certificate.

Most of this is just background, perhaps it will help someone else. My questions are:

Is there some place where I can manage sub-domains easily? For example, if I want to make my nextcloud be the primary website and not located at domain.com/nextcloud
Is it possible to make NS understand that it is not sitting at a subdomain?
Is it possible to update the default LE cert page to put the regular domain (domain .com) as a default entry to help other modules work better?

robb · October 7, 2019, 8:59am

Hi @djx and welcome to the NethServer community. I am glad you found our forums!
Let me try to start helping you. Maybe members of the @support_team can add more suggestions.
When you implement a LE certificate, you can ask a certificate for more than just 1 subdomain.
renewLEcertificate
So you can use for each subdomain a new line:
domain.tld
sub1.domain.tld
sub2.domain.tld
sub3.domain.tld
etc

After you have requested the new LE certificate, you set it as default and you are set for the subdomains you entered.

djx · October 7, 2019, 10:59am

Thanks for the quick reply @robb.

Is there a place in the web page for managing subdomains (before we request the cert), or is that done in the config files for apache?

danb35 · October 7, 2019, 11:58am

Yes, that’s going to be the “Virtual Hosts” section.

robb · October 7, 2019, 1:19pm

To create the subdomains, AFAIK LetsEncrypt does a DNS lookup. So you just need to create A or CNAME records at your DNS provider that point to the (external) IP addres of your NethServer instance.

djx · October 8, 2019, 1:36am

Thanks, I found this by installing the “Webserver” module.