Adding another domain onto a pre-existing cert for another domain


#1

Adding another domain onto a pre-existing cert for another domain

Hello folks:

If I already have 2 LE-certed domains (both, properly, on the same cert; which were certified at the same time) and I want to add a third, different domain on that same cert later on; how should that be done?

I know I need a new CSR file, with all three domains. (right?)

Do I just run LE64 with ALL three domains to get the new cert?

I would think not, because I can’t get a new cert for the old domains before the renewal period comes up.


All 3 domains are highly related, so it’s preferred that they all be under the same cert.

#thank #you!


#2

Howcome? You can get a new cert whenever you want, just as long as you don’t get too much too fast and hit a rate limit. Or is it the LE64 client which prevents that? I’m not familiar with that client myself.


#3

Not that.

I have a cert with 2 DIFFERENT domains on it.
About a month old or so.

I want to add a third different domain to the same cert.

So the one certificate holds all 3 domains.

Mostly, I just don’t want to screw up the two that are working. :slight_smile:


Oh – and all 3 are on the same IP #.
Hence the desire for one cert.


#4

New certificates don’t contradict or invalidate old certificates. If you request a new certificate that covers the three domains, the old certificate will also remain valid. You can request a new certificate at any time as long as you remain within the Let’s Encrypt rate limits.


#5

Perfect @schoen.

I’ll give it a crack.

Thank you.


#6

Actually – can I just confirm this:

If I have the three domains on one cert, do all three domains still have to be on one IP?

Or can that cert be used on 2 IPs say, with the domains spread amongst them?

(I think they all need to be one 1 IP)


#7

No.

Sure.

Once the certificate is issued, you could use it anywhere you deem appropiate. (however, you might need to consider ways to renew the certificate)
You could even use the certificate (in three domains) spread among multiple servers (in different regions)

Thank you


#8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.