A CentOS 7 machine running Apache2 has two web servers at:
and a single set of certs were made for BOTH with:
certbot certonly --webroot --force-renewal \ -w /home/apache2/htdocs -d SERVER1.bio.caltech.edu,SERVER1.caltech.edu \ -w /home/apache2/SERVER2 -d SERVER2.bio.caltech.edu 1>>$LELOG 2>&1
and these were installed with:
LADIR=/etc/letsencrypt/archive/SERVER1.bio.caltech.edu FC=`find $LADIR -anewer $TS | grep fullchain` PK=`find $LADIR -anewer $TS | grep privkey` /bin/cp $FC /home/apache2/conf/ssl.crt/letsencrypt_server.pem /bin/cp $PK /home/apache2/conf/ssl.key/letsencrypt_key.pem apachectl restart
and each successive run had a higher numbered file (like cert6.pem).
This worked for certbot 0.38 and 0.39 (from EPEL). However it apparently broke when yum automatically updated certbot to 1.0.0. Previously it was verifying both SERVER1 and SERVER2 against SERVER1. However now it seems to be trying to do both against SERVER2 and that fails. I was able to make a certificate for just SERVER1 which verified against SERVER1.
certbot certonly --webroot --force-renewal \ -w /home/apache2/htdocs -d SERVER1.bio.caltech.edu,SERVER1.caltech.edu \ 1>>$LELOG 2>&1
What is the current syntax equivalent to the original above, to make a single set of certs for both web servers?
Also, when the single server command was run it created a new directory
and the file number is 1. Instead of putting the new ones into the original directory with higher file numbers. What controls this? Can I restore the previous behavior? And in general, where is the certbot documentation???