Enrolling a pre-created CSR for a subdomain


I’m trying to enroll a CSR I created using OpenSSL for a subdomain I own using the “certonly” and “–csr” options. I was able to enroll for a certificate using this method for the parent domain without any issues but I’m having difficulty doing it for my subdomain (the CN and SAN are set to my subdomain). I have my DNS configured with A records for my parent and subdomain that resolve to the host where I’m running the Let’s Encrypt client.

Is there an additional option I need to specify to the client or something else?


Could you please give some more information? Because “I’m having difficulty” isn’t much to go on… What’s the exact error you’re getting?