I'm having trouble figuring out the proper certbot commands to issue 2 separate certificates for 2 separate domains.
I'm on a linux mint system (an ubuntu derivative). I'm running Apache, and the two websites are placed in /var/www/html. In other words, I have:
/var/www/html/Site1.com
/var/www/html/Site2.org
I've tried various combinations of the -d and -w flags, but I can't seem to get it right. Can someone tell me what the right sequence of commands would be?
Many thanks!
You should invoke certbot once per certificate:
certbot [subcommand] [options] --webroot -w /var/www/html/Site1.com -d site1.com
certbot [subcommand] [options] --webroot -w /var/www/html/Site2.org -d site2.org
Still going once per certificate, you can also use certbot interactively and let it read apache's config.
Maybe the details are in [subcommand] and [options] ?
When I just do:
certbot --webroot -w /var/www/html/Site1.com -d site1.com
I get back: With the webroot plugin, you probably want to use the "certonly" command ...
When I try to run it interactively, by saying:
certbot --apache
Then picking the first site. That works. But if I run it interactively a second time, picking the second site, then it appears to "mix up" the two sites. It appears to have added these lines to the apache config file for the second site:
RewriteEngine on
RewriteCond %{SERVER_NAME} =Site2.org [OR]
RewriteCond %{SERVER_NAME} =Site1.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
I'm at a bit of a loss to understand what's happening. I assume that certbot thinks these are not individual sites when I run it this way?
One more note. I apparently did actually get two certificates when I ran "certbot --apache" twice. I was able to edit the apache configuration files for the two sites to properly point to their respective certificates and to rewrite correctly.
But I really would love to know how to get separate certificates properly for separate sites. Also, I have a feeling that the same problem will crop up when these certificates need to be renewed.
The place to start with Apache is by showing output of this
sudo apache2ctl -t -D DUMP_VHOSTS
On Ubuntu anyway, maybe you need apachectl or httpd on Mint IDK.
I was probably naive to think there would be a simple answer on how to do this. I'll spend more time studying the documentation. Thanks for the tips though.
There is. But, you need a viable working Apache config starting off. There is probably something "off" about your config. We can get it fixed quickly if you just show the output.
My guess is you have multiple VirtualHosts with overlapping domain names. But it is only a guess until we see the output 
OK, thanks. I've run out of time for this today. But I'll check on that next time and post back here if I've got anything new. Thanks again for the assist.
Just to close the loop on this, when I looked back on what I'd done I realized that I was actually using two different subdomains of the same primary domain when I ran the test. In other words, it wasn't actually site1.com and site2.org. It was actually site1.mydomain.com and site2.mydomain.com (both .com).
So I'm assuming that was my problem. I haven't actually tried things again yet, but just in case you never hear back from me I just wanted to document what happened (never know when someone else might find this searching on the same issue).
If you still have problems show the output of below command and we can sort it out. Thanks.