Individual certificates for multiple subdomains

pyroneus · April 14, 2017, 12:22pm

Please fill out the fields below so we can help you better.

My domains are: anatheria.com, images.anatheria.com, theme.anatheria.com
I ran this command: certbot-auto
My operating system is (include version): Ubuntu trusty
My web server is (include version): apache 2.4.18
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

I have 3 conf files in sites-available:
004-anatheria-images.conf - this is for images.anatheria.com
004-anatheria-theme.conf - this is for theme.anatheria.com
005-anatheria.conf - this is for the main website

when running certbot-auto and choosing the (sub)domains that I want to register, it only sets up the redirect in 005-anatheria.conf and creates a 005-anatheria-le-ssl.conf - it ignores the other conf files

If i run the command again and only choose images.anatheria.com, the only file it changes is 005-anatheria-le-ssl.conf and the only change it made was to point at the new certificate.

Do I have to do the conf adjustments manually in this instance?

pyroneus · April 14, 2017, 1:59pm

I managed to get what I wanted to work by temporarily taking the 005 confs out of the sites-available directory and running certbot-auto again. after it generated the corrected configs I put the 005 confs back in.

schoen · April 14, 2017, 5:06pm

@bmw, this sounds like it could be an problem in the Apache plugin’s parser?

pyroneus · April 14, 2017, 5:28pm

In case it’s relevant:
The 005 config also has *.anatheria.com in it as a ServerAlias.

bmw · April 17, 2017, 6:39pm

@pyroneus, are you able to provide a full Certbot log (located in /var/log/letsencrypt by default) as well as the files containing the relevant vhosts? Feel free to redact values as you feel appropriate. You can also e-mail them to me if you prefer at my username @eff.org.

pyroneus · April 17, 2017, 7:15pm

I sent them to your email address. Can you please confirm you have received them?

bmw · April 18, 2017, 1:26am

I got your e-mail. Thanks @pyroneus.

I confirmed that this is a bug. Thank you for reporting it. I created #4517 on Certbot’s GitHub repo to investigate the issue.

system · May 18, 2017, 1:27am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.