Adding another domain onto a pre-existing cert for another domain

LEForTheWin · October 12, 2018, 6:42pm

Adding another domain onto a pre-existing cert for another domain

Hello folks:

If I already have 2 LE-certed domains (both, properly, on the same cert; which were certified at the same time) and I want to add a third, different domain on that same cert later on; how should that be done?

I know I need a new CSR file, with all three domains. (right?)

Do I just run LE64 with ALL three domains to get the new cert?

I would think not, because I can’t get a new cert for the old domains before the renewal period comes up.

All 3 domains are highly related, so it’s preferred that they all be under the same cert.

#thank #you!

Osiris · October 12, 2018, 6:49pm

Howcome? You can get a new cert whenever you want, just as long as you don't get too much too fast and hit a rate limit. Or is it the LE64 client which prevents that? I'm not familiar with that client myself.

LEForTheWin · October 12, 2018, 8:32pm

Not that.

I have a cert with 2 DIFFERENT domains on it.
About a month old or so.

I want to add a third different domain to the same cert.

So the one certificate holds all 3 domains.

Mostly, I just don’t want to screw up the two that are working.

Oh – and all 3 are on the same IP #.
Hence the desire for one cert.

schoen · October 13, 2018, 9:05am

New certificates don’t contradict or invalidate old certificates. If you request a new certificate that covers the three domains, the old certificate will also remain valid. You can request a new certificate at any time as long as you remain within the Let’s Encrypt rate limits.

LEForTheWin · October 14, 2018, 3:09am

Perfect @schoen.

I’ll give it a crack.

Thank you.

LEForTheWin · October 14, 2018, 3:14am

Actually – can I just confirm this:

If I have the three domains on one cert, do all three domains still have to be on one IP?

Or can that cert be used on 2 IPs say, with the domains spread amongst them?

(I think they all need to be one 1 IP)

stevenzhu · October 14, 2018, 3:26am

No.

Sure.

Once the certificate is issued, you could use it anywhere you deem appropiate. (however, you might need to consider ways to renew the certificate)
You could even use the certificate (in three domains) spread among multiple servers (in different regions)

Thank you

system · November 13, 2018, 3:26am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Is it possible to add domain to existing certificate?	3	3624	February 23, 2016
Expanding the cert? Server	3	2387	January 13, 2016
Adding domains to (existing) certificate Issuance Tech	1	2247	November 1, 2015
Can we add or delete domain in one cert? Server	3	2866	July 5, 2018
How to add more domains to another certificate but they already have a certificate of their own Help	6	705	May 29, 2020

Adding another domain onto a pre-existing cert for another domain

Adding another domain onto a pre-existing cert for another domain

Related topics