How to prevent certbot from creating NEW certificates ("domain.tld-0001")?


I'm not using the automatic configuration/install features of certbot because the apache2 of the particular system is running inside a chroot and the webroot paths in the vhost configuration files are relative to the chroot directory.

I run something roughly like this:
certbot certonly --webroot -w /var/jail/page -d domain.tld -w /var/jail/page2019 -d event2019.domain.tld -w /var/jail/page2020 -d event2020.domain.tld -w /var/jail/page2021 -d current-event.domain.tld -d event2021.domain.tld

The call is actually composed by a script because there are many more subdomains than this.

Now, when I removed the "-d current-event.domain.tld" option, because I switched to a 301 forwarding, it created a completely new certificate "domain.tld-0001". I can understand that this might be the obvious behaviour. For me however, it is very inconvenient and I would really like to prevent that from happening.

Is there maybe an option to set the output cert name and overwrite any existing cert??? That would be most helpful for me now, because then I could overwrite the old "domain.tld" certificate and wouldn't have to adjust the apache config files.

If not, can I force renew instead of obtain for the next time?

Kind regards!

Edit: fixed some typos and stuff

Of course: --cert-name <foo>
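
An added example, not part of the original posts: a sketch of the kind of script the question describes, composing the `certonly --webroot` call from a webroot/domain list with `--cert-name` pinned. The mapping format, the `SITES` variable and the function name `build_certbot_cmd` are assumptions made for illustration; the paths and domains are the ones from the question.

```shell
#!/bin/sh
# Constructed sample input: one "<webroot> <domain> [<domain> ...]" entry per line.
SITES='
/var/jail/page      domain.tld
/var/jail/page2019  event2019.domain.tld
/var/jail/page2020  event2020.domain.tld
# current-event.domain.tld dropped: it is now a 301 redirect
/var/jail/page2021  event2021.domain.tld
'

# build_certbot_cmd <cert-name> <mapping>   (hypothetical helper)
# Prints a certbot command pinned to one certificate name, so a changed
# domain list updates that certificate instead of creating "<name>-0001".
# The body is a subshell so "set -f" (no globbing) stays local.
build_certbot_cmd() (
    set -f
    cmd="certbot certonly --cert-name $1 --webroot"
    while read -r webroot domains; do
        case $webroot in
            ''|\#*) continue ;;                       # blank line or comment
            /*) ;;                                    # absolute path: accepted
            *) echo "bad webroot: $webroot" >&2; exit 1 ;;
        esac
        cmd="$cmd -w $webroot"
        for d in $domains; do
            # Reject anything that is not a plain hostname character.
            case $d in
                *[!A-Za-z0-9.-]*) echo "bad domain: $d" >&2; exit 1 ;;
            esac
            cmd="$cmd -d $d"
        done
    done <<EOF
$2
EOF
    printf '%s\n' "$cmd"
)

# Print the command for review; it is not executed here.
build_certbot_cmd domain.tld "$SITES"
```

Because the name stays `domain.tld`, the files under the existing certificate's path keep their location and the Apache configuration does not need to change when a domain is added or removed.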


Ah, that's exactly what I've been looking for. Thanks for your help danb!
