Acme.sh, '.conf' files, & multiple domains under one cert

In the .acme.sh directory there are a number of sub-directories, each named for a LE-certified domain.

Inside each there are two .conf files:

  • .acme.sh/mydomain.com/my.domain.com.conf

  • .acme.sh/mydomain.com/my.domain.com.csr.conf

Questions:

  • What are they each for?

  • Are they reporting what has been created by running acme.sh --install (or --renew)?

  • Or are they defining how acme.sh should process the next time it is run. (There are a number of posts in the LE forums suggesting they can and should be edited for this purpose).

  • If the answer is “defining”, how does editing them affect acme.sh’s renewal process? In other words, do you have to change the domains listed in both .conf files or just one? If only one, which one? Or should you never touch them and let acme.sh take care of them entirely.

  • Why is it that acme.sh seems to allow the bundling of multiple domains under one cert / master domain name, but not sub-domains which seem to get generated independently?

  • Is there a way to force subdomains to be bundled with the certificate that handles its respective domain?

  • What does acme.sh v2.8.6 do that makes cPanel recognize --renew(als)? In this marathon post (How to add a domain to an existing set of certs using acme.sh?) we worked out that --deploy-hook cpanel gets acme and cPanel to play well together, but exactly how and why remains a mystery.

1 Like

Hi,

This is the forum for Let’s Encrypt CA and mostly about issues of implemtation or deployment. The questions you asked are specific to acme.sh, hence I suggest you ask in their GitHub issues directly which will get answered by the dev much faster and accurately.
Link: https://github.com/acmesh-official/acme.sh/issues/new

Tagging @neilpang in case he’s still watching the forum.

Thank you

3 Likes

Will do. Thanks for the clarification.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.