I have a VPS that’s personally managed and has WordPress installed. I was able to use tutorials to get Let's Encrypt SSL enabled and all is working perfectly. However, now I’d like to add CouchDB to my server to develop and test self-written applications.
Is it possible to have the Apache web server and CouchDB use the same certificate (and file), or will I have to set up and use a separate certificate with the same domain specific to the CouchDB application?
Can’t mentally wrap my head around two certs with the same domain/host?
Although it's not required, it's possible. Certificates in the web PKI make positive assertions, not negative assertions. So certificates that cover the same name don't contradict each other. A certificate says "this encryption key is OK to use for this name", rather than "this encryption key is the only key that's OK to use for this name".
Some cases where there are likely to be multiple certificates valid for the same name at the same time:
- Load balancing and content-delivery networks, where there can be more than one server or device that answers requests for the same site
- Different servers for the same site in different countries, which could be operated on separate infrastructure and have independent certificates
- Ordinary certificate renewal, where the new certificate is issued before the old certificate expires; it doesn't invalidate the old one and both will be valid at once (and so this happens constantly when people follow Let's Encrypt's renewal guidelines and renew 30 days prior to expiry; during those 30 days, both the old certificate and the new certificate are valid at the same time)
From what I can see, it looks like CouchDB does not support a reload. However, since it’s just for my own testing, I think I can edit the cron job that does the cert renewal and just have it restart CouchDB as part of that process. I can afford the short downtime of a stop-start operation.
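
One way to script the restart-on-renewal approach discussed above, as an added example that is not from any post in this thread: a certbot deploy hook that copies the renewed chain and key to a directory only the CouchDB account can read, then restarts the service. The directory, account name, service name and the use of systemd are assumptions; `RENEWED_LINEAGE` is set by certbot when it runs deploy hooks.

```shell
#!/bin/sh
# Added example: a certbot deploy hook. certbot runs deploy hooks only after a
# successful renewal and sets RENEWED_LINEAGE to the renewed live directory.
# Assumed values (not from the thread); adjust for the host.
COUCH_TLS_DIR="${COUCH_TLS_DIR:-/opt/couchdb/etc/tls}"
COUCH_USER="${COUCH_USER:-couchdb}"
COUCH_SERVICE="${COUCH_SERVICE:-couchdb}"

# install_cert SRC DST OWNER: copy chain and key from a certbot lineage into a
# directory only OWNER can read. Files are staged under a temporary name and
# renamed, so a reader never sees a half-written key.
install_cert() {
    src=$1; dst=$2; owner=$3
    # Refuse to touch the destination if either source file is missing or empty.
    [ -s "$src/fullchain.pem" ] && [ -s "$src/privkey.pem" ] || return 1
    mkdir -p "$dst" || return 1
    (
        umask 077    # staged copies start out readable by their owner only
        cp "$src/fullchain.pem" "$dst/fullchain.pem.new" &&
        cp "$src/privkey.pem" "$dst/privkey.pem.new" &&
        chown "$owner" "$dst" "$dst/fullchain.pem.new" "$dst/privkey.pem.new" &&
        chmod 700 "$dst" &&
        chmod 644 "$dst/fullchain.pem.new" &&
        chmod 600 "$dst/privkey.pem.new" &&
        mv -f "$dst/fullchain.pem.new" "$dst/fullchain.pem" &&
        mv -f "$dst/privkey.pem.new" "$dst/privkey.pem"
    )
}

# Run only when certbot invokes the script as a deploy hook.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    install_cert "$RENEWED_LINEAGE" "$COUCH_TLS_DIR" "$COUCH_USER" || exit 1
    # The thread notes CouchDB has no reload, so restart it (systemd assumed).
    systemctl restart "$COUCH_SERVICE"
fi
```

CouchDB's `[ssl]` settings `cert_file` and `key_file` would then point at the copied `fullchain.pem` and `privkey.pem`, while Apache keeps reading the originals under `/etc/letsencrypt/live/`.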