Hello Let’s Encrypt operators
First thanks for your great service which I currently am using for some single sites (currently sites without alias).
First a basic question: Assume a virtual host like
<VirtualHost *:443> ... ServerName wwwsec.example.com ServerAlias example.com www,example.org example.org </VirtualHost>
So am I right to generate the needed certificate using
letsencrypt-auto --apache -d www.example.com -d example.com \ -d www.example.org -d example.org
i.e. the main CN as the first “-d” option then all alias names?
Note: I use “apt-get install letsencrypt” in Debian Linux.
And now the more complex questions: Typical site changes and the needed steps on Let’s Encrypt level.
Case 1: Assume that example.org is not longer needed (canceled by the regstrar, got some new DNS servers or similar), i.e. the site is changed as
So what are the correct steps to update the certificate accordingly? And is there an e-mail notification telling “From: firstname.lastname@example.org - You are not longer authorized to issue certificate for example.org” (this is important since I cannot watch every domain’s status permanently!)
Case 2: Extending existing certificate: Assume that example.net has been registered.
Case 3: Completely delete a site and it’s certificate.
Case 4: Transfer a site to a new hoster also using Let’s Encrypt: Beware that the new (or old) hoster has a separate ACME account. So the question is: Do I have to export something from the /etc/letsencrypt folder or simply can the new hoster generate a new certficate as soon as the DNS servers are updated?
Thanks for any answers in advance.