Certificate expand without specifying older domains


#1

Hi Let’s Encrypt Team,

it would be nice when it would be possible, to expand an existing certificate without specifying all older domains.

Thanks,
Sairahcaz


#2

This can be done in recent versions of Certbot with --cert-name. You can find out the applicable certname by running certbot certificates. Providing --cert-name is an alternative to specifying all of the existing domains with -d.

This functionality was added by December of last year

but depending on how people install Certbot, they may or may be using a version released since then.


#3

Actually, I guess I should rethink this answer because this still does not provide a way to add new domains without also specifying the older domains. If you give a list of domains, you still need to list all of the existing and new domains.

I can propose a feature more closely related to what you were asking for.


#4

Would be very nice!
How do I get notice when this feature is available?


#5

hi @Sairahcaz

I think you should review what expand actually does.

The reason why this is relevant. The expand option is about adding domains to an exisiting certificate.

If you would like to change the composition of your certificates (SANs) then you should do the following

A) Run a new command to get the certificates you want
B) Use certbots certificate management commands to remove the old certificate

I don’t believe this is something that needs to be a feature as it’s something that’s achievable.

Andrei


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.