Certificate valid for non-www and www as well?


#1

Hello,

I just issued my first certificate for www.domain.tld and trying it on non-www I noticed that is not valid.
A lot of ssl issuer are issuing a single certificate that is valid on www.domain.tld and domain.tld
I assumed that is the case with letsencrypt as wel.

I wonder if I did something wrong or if is possible with the current client. Maybe in the future?


#2

You need to get whitelist acceptance for all sub domains you want to issue certificates for. By this I mean that you need to issue a certificate including both www.domain.tld AND domain.tld (AND e.g. mail.domain.tld etc.)


#3

a) Check your LE invite if both www.domain.tld and domain.tld are whitelisted.
b) When generating your certificate you need to specify both, e.g. -“d www.domain.tld -d domain.tld”

HTH!


#4

Quick question, are those two certs then or is it just one?


#5

This will generate one certificate which will be valid for both www.domain.tld and domain.tld

HTH!


#6

@dariocravero the result is on certificate with two SAN entries and the CN of the first listed domain.
You can see an example https://suche.org/


#7

Good stuff! Thanks for clarifying that @tlussnig :smile:


#8

Yes but how to create san certificate?


#9

This is an old thread from 2015 - I’ll respond on the other thread you opened.