[HELP] 1 certificate for 3 domain


#1

Hi every body ,

I am setting letsencrypt for my server : Ubuntu 16.04 , Apache2

I can setup 1 certificate for 1 domain with each *.conf file in /etc/apache2/sites-avaiable.

Now I have 3 domain : domain1.abc.com , domain2.abc.com , domain3.abc.com . It was ran on 1 source /var/www/abc with a *.conf file . I am trying to setup 1 certificate for 3 domain but I cann’t .

Some body can help me ?


#2

Can you explain more about what you tried to do and what didn’t work? I don’t understand exactly what you mean when you say that you can’t set up one certificate for three domains (for example, you don’t know how to do that with a Let’s Encrypt client application, you don’t know how to configure that in your web server configuration, you get an error message when trying to obtain the certificate, or something else?).


#3

hi Schoen ,

My english is not good -> not enough information for you . I will explain again.

I had 3 domain : http://shanleyfinancial.aces-staging.dover.com.au/ ; http://championit.aces-staging.dover.com.au/ ; http://aces-staging.dover.com.au/

It made it run in IP server : 103.236.163.36 with a folder : aces ( http://prntscr.com/ey3agq )

when I used command : sudo letsencrypt --apache -d aces-staging.dover.com.au -> I can create certificate for https://aces-staging.dover.com.au/

but I want created 1 certificate for 3 domain , I tried to use command : sudo letsencrypt certonly --webroot -w /var/www/aces -d aces-staging.dover.com.au -d championit.aces-staging.dover.com.au -d shanleyfinancial.aces-staging.dover.com.au

it is success but when I check : https://shanleyfinancial.aces-staging.dover.com.au/ , browser said no secure .

Can you help me ?


#4

Thanks for the explanation! Now I know what the problem is.

When you use letsencrypt --apache, Certbot (which is the new name for the letsencrypt program) obtains and installs the certificate. That is, it gets the certificate from the CA and then configures the web server to use the new certificate.

When you use letsencrypt certonly, Certbot only obtains the certificate, but does not install it. Your new certificate exists but your web server has not been configured to use it. This is the meaning of “certonly” (certificate only, but no installation).

One possibility is to try again with the --apache form, but this time specifying all of the domains (because that appeared to work). This will not delete the other certificate(s) but it may successfully install the new certificate for you.

As an alternative, if you can edit the Apache configuration files within /etc/apache2/sites-available, you can find the location where each virtual host is configured to use its own certificate (or, perhaps some of the virtual hosts have not yet been configured to use HTTPS at all). If you make them all use HTTPS with the certificate data from the correct location, they should all work after Apache has been restarted or reloaded.

If you have a recent enough version of Certbot, you can find out which certificates you have obtained and where they are stored on disk by running certbot certificates. However, you might not have a recent version, depending on how you installed Certbot on your system.


#5

Hi schoen ,

I made it success , thank you very much .


#6

How many domains can I add to this command , Schoen?


#7

I believe the limit is currently 100 names in a SAN


#8

Thank you very much , TheEggman


#9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.