CloudFlare explains DNS (https://www.cloudflare.com/learning/dns/what-is-dns/); basically is the way "internet" can point a hostname to an IP; I found this to be very important because is by DNS software that the nameservers redirect the traffic in the data center through DNS records. A nameserver is just a server with DNS software installed; tying the two together is what allows a website to get online. A typical stream would start by you purchasing a domain name from a registrar such as Google. Once you own that domain, your web host must store its information within the DNS records to serve it up when the domain is entered.
There are a few different types of DNS records. Typically, all you need to do is update the nameserver, but knowing the different types of records can help if you need to change something down the line (https://en.wikipedia.org/wiki/List_of_DNS_record_types). For now just two are important:
- A Record: stands for address record, this points a domain to an IP.
- CNAME Record: stands for canonical name, this points one domain to another.
--@------A----1m--220.127.116.11 -> (@ stands for root/myDomain.tld)
Now; SSL (https://en.wikipedia.org/wiki/Transport_Layer_Security) stands for Secure Sockets Layer, a global standard security technology that enables encrypted communication between a web browser and a web server (which is now superseded by TLS). To create this secure connection, an SSL/TLS certificate is installed on a web server and serves two functions:
- It authenticates the identity of the website (this guarantees visitors that they’re not on a bogus site).
- It encrypts the data that’s being transmitted.
There are different types of SSL/TLS certificates:
- Single: secures one fully-qualified domain name or subdomain name.
- Wildcard: covers one domain name and an unlimited number of its subdomains.
- Multi-Domain: secures multiple domain names.
and the level of validation needed, such as:
- Domain Validation: covers basic encryption and verification of the ownership of the domain name registration. This type of certificate usually takes a few minutes to several hours to receive.
- Organization Validation: in addition to basic encryption and verification of ownership of the domain name registration, certain details of the owner (e.g., name and address) are authenticated. This type of certificate usually takes a few hours to several days to receive.
- Extended Validation (EV): this provides the highest degree of security because of the thorough examination that is conducted before this certificate is issued (and as strictly specified in guidelines set by the SSL certification industry’s governing consortium). In addition to ownership of the domain name registration and entity authentication, the legal, physical and operational existence of the entity is verified. This type of certificate usually takes a few days to several weeks to receive.
Sounds like a lot of nonsense but I think is important to understand how it works in order to solve it. I just change my account to a cPanel control but DirectAdmin has basically the same functionalities.
Hostkoala generates DNS records automatically: Dashbooard
and provides with free SSL: Dashbooard
Hostkoala can also self-signed a new certificate but this causes many websites to count the certificate as unsafe, if this is the case, uninstall the current certificate and issue a new one in the Dashbooard
If the nameservers are not correctly set up the SSL/TLS will not be validate, on your domain registrar replace the default for Hostkoala nameservers otherwise you will have to create the correct DNS records (on your domain registrar) as shown in Dashbooard
Works just fine.