Add new subdomain


#1

When I first installed letsecrypt I did it for exemple.com domain
now I would like to add www.exemple.com subdomain

Debian server up to date

Using putty SSH

I already tried ./letsencrypt-auto like the first time I used it but it just asks me to renew or reinstall the existing dimain exemple.com
It doesn’t allow me to add new one

Thanks for your help and guidance


#2

Does your webserver have the www subdomain configured?


#3

how to know if it is configured ?


#4

I don’t know, because I don’t know what webserver you’re running. You should be able to find out yourself with the aid of a search engine such as Google.


#5

if that helps, before running https i was in http and I had both www.example.com and exemple.com as A record


#6

sss

is this information useful ?


#7

You could potentially just try:

./letsencrypt-auto -d exemple.com -d www.exemple.com --dry-run

And if that succeeds, remove the --dry-run.


#8

after running it, I have a message telling me that dry-run only works with certonly or renew commands


#9

Currently Certbot (the program that you’re using with its old name letsencrypt) doesn’t have an option to add or remove a name, although we plan to add one¹. What you have to do is request a certificate that contains all the names that you want, and then Certbot will replace the old certificate with the newly-issued one. @_az’s suggestion to use multiple -d options is right: you have to request the certificate to cover both the www and the base domain.

If you want to test with --dry-run, you can add certonly and then the test should go ahead.

¹ I mean, you can add and remove names by giving a different list of names that the certificate should cover, but there is no option dedicated to performing this specific task, without also requiring you to list all of the names that you want in the cert.


#10

thankf for the reply so if I understand:
under letsencypt folder i run the command
./certbot-auto -d exemple.com -d www.exemple.com --dry-run
?
if test is ok i do it again without --dry-run and I am done ?


#12

where do I add certonly ??


#13

./certbot-auto certonly -d example.com -d www.example.com --dry-run


#14

I get this


#15

You’re using Apache, right? So I’d try 1 first.


#16

It has worked so should I do the same without --dry-run ?


#17

Yes, without --dry-run and also without certonly.


#18

what to choose ?


#19

It seems you don’t have a virtual host set up for your www subdomain, so Apache will just use the default one. Looks like that’s wordpress.conf for HTTP since the others are HTTPS. However, you might be better off to cancel and set up a virtual host first. Either a simple one that’s just something like

<VirtualHost *:80>
  ServerName www.example.com
  Redirect permanent / https://example.com/
</VirtualHost>

or you could add ServerAlias www.example.com to the existing virtual host and let WordPress handle the redirect.


#20

are these commands or a text file ?


#21

A text file. The location will depend on your operating system. For example on Debian/Ubuntu/etc the files are in /etc/apache2/sites-available/ - you can try finding and editing the existing wordpress.conf, find a line that looks like
ServerName example.com
and add a new line after it:
ServerAlias www.example.com

Or you can add a new file with the four lines I posted above, and enable it with a command like
sudo a2ensite newfilename

If you have a different operating system the files may be in a different place. Try locate wordpress-le-ssl.conf to find them.