Hello,
I generate my own CSR, with SAN (3 domains now)
There might pop new subdomain once a month or two. Which will update the CSR and regenerate NEW certificate - which is correct.
But, if I use the same CSR - (still 3 same domains), it always issues a new certificate instead of checking for renewal and possibly renew when its close to expiration
Command:
certbot-auto certonly -n --keep --expand --webroot -w /var/www/ -d domain1.com,domain2.com,domain3.com --csr /etc/apache2/cert/csr.csr --fullchain-path /etc/apache2/cert/cert.pem
After few repeated runs, due to the limits it outputs: "Too many certificates already issued…"¨
I would expect something like: “Certificate already issued, nothing has changed, no need for renewal or new certificate”
According to certbot docu, it should for the same subset of domains check for renewal, instead of foruce issuing…
What am I doing wrong? Do I need to include previous certificate for the certbot app to check it?
Thanks,
FidLi