Certificate valid for non-www and www as well?


I just issued my first certificate for www.domain.tld and trying it on non-www I noticed that is not valid.
A lot of ssl issuer are issuing a single certificate that is valid on www.domain.tld and domain.tld
I assumed that is the case with letsencrypt as wel.

I wonder if I did something wrong or if is possible with the current client. Maybe in the future?

You need to get whitelist acceptance for all sub domains you want to issue certificates for. By this I mean that you need to issue a certificate including both www.domain.tld AND domain.tld (AND e.g. mail.domain.tld etc.)

1 Like

a) Check your LE invite if both www.domain.tld and domain.tld are whitelisted.
b) When generating your certificate you need to specify both, e.g. -"d www.domain.tld -d domain.tld"



Quick question, are those two certs then or is it just one?

This will generate one certificate which will be valid for both www.domain.tld and domain.tld


@dariocravero the result is on certificate with two SAN entries and the CN of the first listed domain.
You can see an example https://suche.org/

1 Like

Good stuff! Thanks for clarifying that @tlussnig :smile:

Yes but how to create san certificate?

This is an old thread from 2015 - I’ll respond on the other thread you opened.