How to combine certificates?

fernandoch · November 23, 2017, 9:53am

Hello,

I did not know I could combine certificates for subdomains.

I used this command on Ubuntu

certbot --apache -d example.com

How to combine certificates for new subdomains?

Thanks

bytecamp · November 23, 2017, 10:14am

Have a look into the official documentation:

fernandoch · November 23, 2017, 10:31am

So I would have to use this?

certbot certonly --cert-name example.com -d blog.example.org,forum.example.com

Is it correct? Or should I add apache too?

bytecamp · November 23, 2017, 10:35am

If you used --apache before, you should add it of course.

fernandoch · November 23, 2017, 11:45am

So the command would be like that?

certbot certonly --cert-name example.com --apache -d blog.example.org,forum.example.com

Do I have to add example.com after the -d too or not?

bytecamp · November 23, 2017, 12:02pm

The argument to --cert-name is the name which is displayed when calling certbot certificates, its for identification only. All domains which should be included in the certificate must be given to parameter -d.

fernandoch · November 23, 2017, 12:29pm

Ok then it should be like that I suppose

certbot certonly --cert-name example.com --apache -d blog.example.org,forum.example.com,example.com

fernandoch · November 23, 2017, 10:13pm

But with this it won’t modify the apache configuration right?

What is the right command to add a certificate to a subdomain if I already have the certificate for the domain?

jared.m · November 24, 2017, 6:59am

I think there’s a bit of confusion of terms here. Are you asking how to issue a certificate that includes all the domains and subdomains you need? Or are you asking how to set that up in Apache?

For the former, the answer is that you need to issue a new certificate. Certificates, once issued, are immutable. You cannot add to it, you can only discard it and get a new one with all of the names you want.

For the latter, no, this will not configure your webserver. The certonly command does just what it says - in only gets the certificate. You’ll need to go into your Apache configs and apply the newly issued certificate (including all the names) to your vhost blocks.

fernandoch · November 24, 2017, 10:20am

Clear now thanks.

So if I had already a certificate for a domain and then I decide to create a new subdomain, the best way would be to create a new certificate, correct?

jared.m · November 25, 2017, 10:18pm

Yep! That’s the best, and really only, way.

system · December 25, 2017, 10:19pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Adding additional domains Help	13	8646	January 26, 2017
Adding subdomains after certbot-auto installation Help	2	3925	October 7, 2016
Why certbot suggests a subdomain? Help	8	609	January 1, 2021
Certbot Multiple subdomains - locations Help	5	2372	December 23, 2020
Multiple domain names Help	5	2350	September 14, 2017

How to combine certificates?

Related topics