Well, I read the document about Certbot for manually signing for certificates. For example, let’s call it Command A:
certbot .... -d example.com -d example.net -d example.org
will issue a certificate with common name
example.org as DNS names in SAN.
And then, re-running the above command to still use example.com as the first -d parameter but with some other different domain names (let’s call it Command B) would result in renewing the certificate just issued.
So, it seems that it’s not possible to issue multiple certs with the same common name at this moment. But what if I run Command B, either:
- in the same OS but with a different Let’s Encrypt account;
- in a different OS* with the same Let’s Encrypt account as the one I ran Command A with;
- in a different OS* with a different Let’s Encrypt account;
- or even I run Command A in a different OS*;
- or other circumstances when I could sign for multiple certificates with the same common name.
* a different OS could mean a different machine or a different system in the same machine.
Could I successfully have these certificates issued?
An example for this scenario:
Cloudflare used to issue certificates with sni123456.cloudflaressl.com as the common name and different DNS names in SAN.
But nowadays, it just issues certificates with sni.cloudflaressl.com as the common name but for different sites, it’ll have different SANs, e.g., example.com as DNS names in SAN for site example.com, example.net as DNS names in SAN for site example.net.