Certbot - Add Extra Domains to Certificate using --expand flags

Hello all ,

I install letsencrypt in my server ,I had a certificate for my site, it ran good .
But I had problem : I want to add many extend domain to this certificate ,

I used command :
sudo certbot --apache -d example.com -d example1.com
to addmore but it renew certificate . I don’t want it , I want it use old certificate.

What do I do now?

Thank.

hi @vnatuan1989

to addmore but it renew certificate . I don’t want it , I want it use old certificate.

Certificates are immutable - this means once a certificate has been issued you are not able to add more domains to it at a later date.

You can use the -expand flag to create a NEW certificate covering all your domains.

Instructions on the expand flag: https://certbot.eff.org/docs/using.html#re-creating-and-updating-existing-certificates

–expand If an existing cert is a strict subset of the
requested names, always expand and replace it with the
additional names. (default: Ask)

Review of how -expand works: Reverse Engineering Certbot Expand Option to Use with Another Client

Andrei

1 Like

Thank you about your answer , I tried but it didn’t work , it renew my certificate , do you have any solution for it ?

no

what you are asking for is not possible - once a certificate is issued there is no way of modifying it

You need to obtain a new certificate

Andrei

1 Like

Thank you very much.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.