How to change domain

Spielmops · February 3, 2023, 8:00pm

I am searching for a "How To" for changing the domain and adjust letsencrypt. I have a working domain with Letsencrypt and want to change the domain and I have time to prepare everything. That's the reason why I'm searching, but found only one how to, but it seems to old, the folders and files described do not correspond to those on my server.

I got Letencrypt via my Nextcloud-installation and had never anything to do with it - all automatic ... But I am used to work with SSH.

Spielmops

rg305 · February 3, 2023, 8:10pm

Hi @Spielmops, and welcome to the LE community forum

If the Nextcloud installation/documentation explains how they obtain certs, we might be able to understand which way to go OR they may be able to handle name changes.
Until then, we can only make somewhat educated guesses.

There is some underlying web service: Apache or Nginx
There is an ACME client: certbot or ???
The site can be reached via: HTTP and HTTPS
You have admin/root access via: SSH

If those things are correct, we can use SSH to find the ACME client and web service used.
Then configure the web service to host the new name via HTTP.
Then get a cert for the new name via the ACME client.
Then ... read read read ... tell NextCloud to use the new name and corresponding cert.

danb35 · February 3, 2023, 8:45pm

How, exactly, did you do this? Because Nextcloud itself doesn't do anything at all with Let's Encrypt.

Spielmops · February 3, 2023, 9:00pm

It is a Nextcloud-Pi installation. It comes with a script "ncp-config", which offers all kinds of settings.

I now how to change/add domains in Nextcloud. I know how to change the domain in Apache2. I am root.

use SSH to find the ACME client
read read read ...

ACME client? certbot?
That is the reason I asked for a How To.

Spielmops

danb35 · February 3, 2023, 10:47pm

Then those support channels are a better place for your question.

From the perspective of Let's Encrypt, it's simply a matter of using your ACME client to request a cert for the new domain name. But your software hides that layer from you, apparently, hence my recommendation to ask their support channels.

Spielmops · February 5, 2023, 9:31am

Try looking at it like this:
My server is working, I can use the terminal, I'm root. Letsencrypt works too. So everything that goes with it has to be on the server. I would like to manage this domain transfer myself, I know that some configuration entries have to be changed on my server for this. I already know some of this, but I've never worked with Letsencrypt because I didn't have to.

But I would like to know how to work with Letsencrypt and that's why I was looking for information, manuals and especially information about what to do for a domain transfer, but couldn't find it. And now I should ask the packagers of Nextcloud-Pi? What will they say? "It's a Letsencrypt thing, so ask there."

And one more thing: again and again in forums questions are answered with a succinct "RTFM". Now I ask where a manual can be found, so I can read it. This question should be easy to answer: either there is a "How To" or there isn't. In the first case the answer could be a link, in the second a "doesn't exist"...

Spielmops

danb35 · February 5, 2023, 10:40am

Yes, because it's their software you're using, it's the ACME client they chose to put in the package, and it's the interfaces they provided to that ACME client.

You work with Letsencrypt using the software that Nextcloud-Pi provided, which they'll have to help you with. Or, if you don't want to use that software, you can get a new cert for any domain you control using any ACME client you like; there are hundreds to choose from:

Spielmops · February 5, 2023, 11:07am

Please see the first post and the first sentence:

I am searching for a "How To" for changing the domain and adjust letsencrypt.

And now the last post with the last sentence:

Now I ask where a manual can be found, so I can read it. This question should be easy to answer: either there is a "How To" or there isn't. In the first case the answer could be a link, in the second a "doesn't exist"...

Spielmops

rg305 · February 5, 2023, 7:18pm

There is no way to change a cert.
Once it is created it is set in stone.
So, I'm not how to address your request to:

If by that you mean a certificate transfer [moving certs from one host to another], then that is possible.
I don't think that is the case, so I will try to answer your question as best I understand it.

The manual for certbot can be found at:
User Guide — Certbot 2.2.0 documentation (eff-certbot.readthedocs.io)

Spielmops · February 5, 2023, 9:03pm

and want to change the domain

Is it that difficult to understand? I do not want to change a cert. As far as I know a cert is for a certain domain. If I want to change the domain, I have to get a new cert. Am I right?

Spielmops

Osiris · February 5, 2023, 9:11pm

Technically, you're absolutely correct in that you cannot modify the contents of an already issued certificate. That said, often with "a certificate" one can also mean a "certificate lineage" in an ACME client, such as Certbot. When you run sudo certbot certificates, you'll get a list of certificates known to Certbot, with a certain certificate "name". This is just a sort of "placeholder" for a certificate and its renewals, which are different certificates technically, but are kept in the same location in Certbot and the files in /etc/letsencrypt/live/.

So depending on the meaning of "certificate", when one means the certificate "linage"/"placeholder" in Certbot, one can change it, even though the literal certificate file won't change. (But a new one is issued, "overwriting" the previous one.)

Spielmops · February 5, 2023, 9:21pm

Ah yes! And that is the answer of my question?

rg305 · February 5, 2023, 9:40pm

[for me] Sadly, yes.
I require many more words to be used to fully describe your desired outcome; So that I may clearly understand it.

Spielmops · February 6, 2023, 8:35am

Ok.

I have my own webserver with Apache. It's certified with Letsencrypt with the client Certbot. A Domainname "mydomain.org" ist pointing to that server. Everything is working fine,

I registered another domain "mynewdomain.org" for me, that fits better for me. What would happen, if that new domainname points to my server without editing anything on my server?

Spielmops

MikeMcQ · February 6, 2023, 1:05pm

Well, since you already have the new domain you can change the DNS today and find out

That's really an Apache question. If you don't have a VirtualHost for the new name then Apache will use the default VirtualHost. If you use HTTPS, there must be a cert in the selected VirtualHost that matches the requested name.

In other words, you need a cert for the new name and an Apache VirtualHost to process it. Same as when you made your other name.

It is just as if you are getting a new name for any purpose. People sometimes run large numbers of domains in one Apache instance. It doesn't know in your case that you intend one to replace the other.

Spielmops · February 6, 2023, 3:14pm

Yes, all of that I know. But I don't want to try and find out. I know, how to change the Apache-setting.

In other words, you need a cert for the new name

How?

MikeMcQ · February 6, 2023, 3:32pm

How did you get your first one? Do the same thing with the new name

Look, when you ask general questions you get general answers. If you want specific advice for your situation you have to be more specific and more explanatory.

We're mostly all volunteers here donating our time and expertise. There is not much more I can do with what you've provided.

Spielmops · February 6, 2023, 4:35pm

My specific question was: is there a "How To" for those, who want to change their domain.

MikeMcQ · February 6, 2023, 4:37pm

Change it where? Apache, Nextcloud, ??

danb35 · February 6, 2023, 4:40pm

...and you've already been given the answer. Repeatedly. If you want to change the domain for your Nextcloud-Pi installation, you should ask whatever support channels exist for Nextcloud-Pi. We can't help you with that.