How can I use Use renewal/domain.com.conf params in a certbot --expand command?

Hello!
I'm using certbot for a year already, and everything is working OK. I had to setup some specific environment for my certificate to be automatically renewed, with custom auth_hook and clean_hook.

Now all my renewal parameters are saved in letsencrypt/renewal/domain.com.conf

But now I want to add a new domain to my certificate. The documentation says it could be done with a command

certbot --expand -d newdomain.com

But when I run it certboit ignores the settings I made in domain.com.conf and tries to use default authenticator, which of course would not work.

So my question is: how can I add a new domain to exisitng certificate using the current configuration file from /renewal folder?

Hi @dredkin and welcome to the LE community forum

Try it this way:

Thank you, but this does not help. Even if I list all the domains of my current certificate in the --expand command, certbot still tries to use the default authenticator and installer.

my command was:

sudo certbot --expand -d domain.com,*.domain.com,domain2.com,*.domain2.com,newdomain.com,*.newdomian.com

Looks like there is no option other than specifying ALL the parameters I need to renew the certificate in the command line. That's a little pain in the ass, but if it is inevitable, I'll try to do it...

P.S. If I run

sudo certbot renew --force-renewal

certbot uses .conf file just fine, so it CAN see it when renewing. But does not see when expanding

Yes, I had to remember and specify all the command line parameters used earlier, and after it --expand worked and the new certificate was generated.

Unfortunately, that's indeed the method for expanding a certificate currently.

To me, it doesn't really make any sense if a perfectly fine certificate with a renewal configuration file already exists. I might just open an issue on the Github page about this.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.