Certbot-auto expand domain generates wrong renewal configuration file

Hi,

Trying to expand an existing certificate to add support for subdomains seems to generate a missing webroot_map section in the domain's renewal configuration file.
My domain already has 7 subdomains supported:

Go to: https://test-livepepper.com
And I want to add an 8th subdomain.

I ran this command:

certbot-auto certonly --quiet --no-self-upgrade --expand --webroot -w /var/www/webroot -d test-livepepper.com -d www.test-livepepper.com -d sub1.test-livepepper.com -d sub2.test-livepepper.com -d sub3.test-livepepper.com -d sub4.test-livepepper.com -d sub5.test-livepepper.com -d sub6.test-livepepper.com -d sub7.test-livepepper.com -d sub8.test-livepepper.com

It produced this output renewal configuration file:

[[webroot_map]]
sub8.test-livepepper.com = /var/www/passenger/rendering_engine/current/public

There is no trace at all of the other subdomains.
I suspect I will be in trouble when I want to renew the certificates.

My web server is (include version):

nginx 1.15.7

The operating system my web server runs on is (include version):
debian 9.12

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

I made a recent upgrade, and I think in 1.4.0 the behavior was correct.
1.8.0

Typically, the same webroot will be used for every domain, unless otherwise specified.

You can test whether this is going to work with:

certbot-auto renew --cert-name test-livepepper.com --dry-run
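An offline complement to the dry run suggested above, as an added example that is not from the thread or from Certbot: it reads a renewal file's text and reports which certificate names end up with no webroot. The sample file contents, the function names, and the rule that names missing from [[webroot_map]] fall back to the last webroot_path entry are assumptions.

```python
# Constructed sample modeled on the renewal file quoted in the question; the
# webroot_path line is an assumption about what the rest of that file holds.
SAMPLE_CONF = """\
[renewalparams]
authenticator = webroot
webroot_path = /var/www/webroot,
[[webroot_map]]
sub8.test-livepepper.com = /var/www/passenger/rendering_engine/current/public
"""


def parse_renewal(text):
    """Return (renewalparams dict, webroot_map dict) from renewal-file text."""
    params, wmap, section = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("["):
            # "[renewalparams]" and "[[webroot_map]]" both reduce to a bare name
            section = line.strip("[]").strip()
            continue
        key, sep, value = line.partition("=")
        if not sep:
            continue
        if section == "webroot_map":
            wmap[key.strip()] = value.strip()
        elif section == "renewalparams":
            params[key.strip()] = value.strip()
    return params, wmap


def effective_webroots(text, domains):
    """Map each domain to the webroot it would use, or None if nothing covers it."""
    params, wmap = parse_renewal(text)
    paths = [p.strip() for p in params.get("webroot_path", "").split(",") if p.strip()]
    default = paths[-1] if paths else None  # assumed fallback for unmapped names
    return {d: wmap.get(d, default) for d in domains}


def uncovered(text, domains):
    """Domains with neither a webroot_map entry nor a webroot_path fallback."""
    roots = effective_webroots(text, domains)
    return sorted(d for d, root in roots.items() if root is None)
```

Pass the names on the certificate as `domains`; a non-empty result from `uncovered` means the renewal file has no webroot for those names.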

Welcome to the Let's Encrypt Community, Jonathan

Try removing the --expand.

If each has its own unique webroot, you must specify the webroot before each one. You can group the -d's after a single -w for those that share a common webroot.

certbot-auto certonly \
--cert-name test-livepepper.com \
--quiet --no-self-upgrade -a webroot \
-w /var/www/webroot -d test-livepepper.com \
-w /var/www/webroot -d www.test-livepepper.com \
-w /var/www/webroot -d sub1.test-livepepper.com \
-w /var/www/webroot -d sub2.test-livepepper.com \
-w /var/www/webroot -d sub3.test-livepepper.com \
-w /var/www/webroot -d sub4.test-livepepper.com \
-w /var/www/webroot -d sub5.test-livepepper.com \
-w /var/www/webroot -d sub6.test-livepepper.com \
-w /var/www/webroot -d sub7.test-livepepper.com \
-w /var/www/webroot -d sub8.test-livepepper.com

Props go to @rg305 for pointing out the use of backslashes for commands that span multiple lines!
