Adicionar outro domínio ao certificado

ebonilha · June 16, 2020, 8:40pm

Pessoal, já tenho um certificado no servidor (aws lightsail) para um domínio .com.br, agora estamos comprando também o domínio .com, ja configurei o dns e tudo certo, como proceder para adicionar o certificado nesse novo domínio .com

My domain is: portaldonerd.com.br / portaldonerd.com

The operating system my web server runs on is (include version): Ubuntu 16.04

My hosting provider, if applicable, is: AWS Lightsail

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

Agradeço desde já!

rg305 · June 16, 2020, 10:33pm

Please excuse my English.

If you are going to use both names within the same server config (serving the exact same content), then it is best to use only one cert.
That means all names should be on that one cert.
You can expand the current cert with the new name(s).
Or you can get a new cert with all names on it and then delete the previous cert.
And then use the single cert for all the names within that one server config.

If you are not going to use both names within the same server config (serving different content to each), then they are unrelated and should be treated individually.
You would simply get a new cert for the new name(s) and use that cert in the new server config.

ebonilha · June 16, 2020, 10:50pm

Hi, thanks for you reply,

I’ll use both domains to serve the same content, how i can expand the current cert or delete it and create a new cert?

rg305 · June 17, 2020, 1:42am

If you used certbot, you can use certbot to expand it like this:
certbot --expand -d one.domain -d two.domain -d three.domain -d four.domain

It should match (at least) one of those names to an existing cert and then use all names to expand it.
[meaning it will keep the same cert name and the same file locations]

ebonilha · June 17, 2020, 6:20pm

that’s the problem, I didn’t use the certbot to create my old certificates, I used the Lego script

Can I install certbot now and use it to expand the certificate to my new domains?

rg305 · June 17, 2020, 10:02pm

If the current certs are in the folder certbot would look for them, then yes.
[/etc/letsencrypt/]
Otherwise, you may have to just get new ones.