I would like to add a LE certificate to a production website that already has an existing certificate issued by a separate authority. The new LE certificate is simply to enable https redirection from old-domain.com to the canonical current-domain.com. I don't want/need Certbot to modify my apache config -- just to issue the certificate and I'll add the vhost redirection. DNS is already active for old-domain.com.
I'm looking for the correct Certbot command to accomplish this task. I believe it should be something like:
sudo certbot certonly --apache
But I'm not sure if I should include --cert-name (or other flags), and if so, if --cert-name should include all active domain names or just the new one to be issued by LE.
Server: ssh; current version of Apache; Ubuntu 22; latest Certbot via Snapd.
You can, but cert-name isn't necessary--it defaults to one of the domains on the cert (which will likely only be old-domain.com). You can add -d old-domain.com to the command to specify the domain name to issue; if you don't, it will ask for it. You shouldn't really need to add anything else.
Great, thanks all. I was a bit confused when I ran sudo certbot certonly and the installed certs were listed. I don't want to overwrite or reissue anything. The proper command seems simple enough then:
sudo certbot certonly --apache -d old-domain.com
And then add the LE cert as a vhost to my apache.conf to enable https redirection from old-domain.com to the canonical live domain current-domain.com.
Great software, service and community here. Thanks again for your help.