How can I get ssl for one more domain?


#1

Hi. I have already three SSL certificates and I need one more now. How can I do this? Also with Google Forms or by email?


#2

Hi @Py64, for right now the best way is to apply to the beta program again for the additional domain. You don’t need to re-apply for the existing ones – they’ll still be whitelisted. Once the new domain is added to the beta, you can get a new cert for that domain (or, if you prefer, a single cert that covers all four).


#3

Thanks for the answer.


#4

Schoen,
I’m not sure if you do it already, but want to throw an idea still:

Suppose, I have 2 domain certs installed already from LE and I want to add one more.
During domain ownership verification, you can pull smth. like https://example.com
If it does return valid LE cert during TLS handshake, you can consider domain approved.
I.e. the response might be 404 or whatever - you are only looking for cert.


#5

@ecc, that idea is interesting, but we don’t have the resources to change the validation methods that we use now, so we’ll need to ask people to continue using the existing validation and issuance methods. I’m very confident that this is the case. :smile:


#6

[quote=“schoen, post:5, topic:3122”]
that idea is interesting, but we don’t have the resources to change the validation methods that we use now
[/quote]Understood.
Do you want me to put it into separate thread (aka feature request), so other folks can critic or suggest something better or more usable?


#7

@ecc, you’re welcome to start a thread about verification methods and use cases – just bear in mind that the CA team’s resources are very limited so no new methods will be deployed in the short term. Despite that, it could be valuable to discuss ones that might be considered in the future if they address use cases that current validation methods don’t.


Domain ownership verification for cert extension and addition
#8

[quote=“schoen, post:7, topic:3122”]
you’re welcome to start a thread about verification methods and use cases
[/quote]Will do! No pushing! :smile:


#9

Technically, anything about validation methods should probably be taken to the ACME working group mailing list at IETF.