I’m trying to figure out process to update allowed domains.
Can I append sub domains to current certificate?
Or, do I need to apply for a new certificate?
The right commands depend on how you got the certificate in the first place. If you’re using the certbot client, you can request a new certificate with additional domains by passing some options. The options change slightly based on the certbot version you are using. Newer versions have special a special option to “expand” the domain list, while older versions need a few more options to tell it which certificate is being replaced.
Alternately, you could create a separate certificate just for the beta domain. Depending on your use cases, that may work out better for you.
Note: Once a certificate is issued, that’s that. It cannot be modified because then the special signature on it would be invalid. Even “renewals” create a new certificate with updated expiration dates.
I didn’t use certbot on this instance of my project. Have looked at it now and will use it onwards. The --expand option is really useful.
There’s a couple of other bugs that I want to fix to resolve inconsistencies between dev and live enviroments. As I’m primarily trying to develop a smooth workflow from dev to beta to live (1400 lines so far documenting my evolving process), I’ll be rebuilding server today. I’ll give update on progress later and share relevant configs.