@robi Here's the settings.!
Does anyone have a recommended course of action?
I should add that I am fine with keeping the fallback cert on the main domain used for access to my cloudron dashboard. But one of my additional domains needs to NOT use a self-signed cert as fallback, or I cannot use my CDN or use the MainWP Wordpress plugin, since both complain about use of self-signed certs (apparently even when it's not the primary cert).
I really need to get this resolved, and any assistance will be much appreciated!
I have not provided a fallback cert. I see now that a self-signed cert is automatically provided if the optional fallback cert is not provided. What are my options here? The self-signed cert is causing problems, but I don't want to have to manually generate and upload a new cert every couple months.
I'm trying to use Fastly as a CDN for my Wordpress site, but it is complaining that I'm using a self-signed cert.
The site is on a subdomain, and I am using the "Let's Encrypt Prod" certificate provider. When I do an SSL check via SSLLabs (https://www.ssllabs.com/ssltest/), I see the following:
Certificate #1: EC 384 bits (SHA256withRSA) Subject: subdomain.mydomain.com Common names subdomain.mydomain.com Alternative names subdomain.mydomain.com Trusted: Yes
That's great. But there's a second certificate:
Certificate #2: RSA 2048 bits (SHA256withRSA) No SNI Subject cloudron-2021-11-17T01:23:33.708Z Common names cloudron-2021-11-17T01:23:33.708Z Alternative names - INVALID Trusted No NOT TRUSTED
This seems to be tripping Fastly up.
Why does this second certificate exist? Is there any recommended way to move forward?