I Virtual Host severals websites using Cento 6 and Apache. It wasn’t too difficult installing and using certbot-auto for the first time but I do have a question.
Is there an easy way to set the Base Name and Common Name (CN) from the command line. This worked fine for setting the Base Name, but the Common Name was still picked, alphabetically?
I’ll give that a try. How is the domain list built on renewal? Is there a text file somewhere that I can edit the order in or should I always specify all of the domains in the cron job?
Would this retain the Base Name and Common Name once I’ve got it set right?
It is stored in the renewal configuration file, but you should not modify this file directly.Using certbot with the --cert-name option as described earlier will create a new certificate with the desired values and then update that file for you. and is the only way to update the domain list, as certbot just reads them from your last certificate.
[Thanks to schoen for the correction.]
It is not necessary nor is it recommended to run a full certbot issuance command in a cronjob. Instead...
...this is indeed what your cronjob should do.
This command checks your certificate's expiration date and only renews it 30 days in advance of expiry, so you should run it every day to make sure your certificates are renewed on time, even if there's an outage one day.