I had originally forgotten to include the mail domain for all my 50+ certs for the virtual hosting I'm doing, and I'm trying to fix them by writing a script to automate this to make my life manageable into the future.
I've run into what I think of as a bug with certbot, but it MIGHT BE because "I'm just not using it properly".
In particular, if I run a command such as:
$ certbot --expand -d primaryDomain.com,www.primaryDomain.com,mail.primaryDomain.com
Certbot throws up a complaint about how it can't tell which of the 50+ certificates I have should be updated, which is patently ridiculous.
NOTABLY, this confused me at first as I thought the command had not already updated the certificate. Rather, upon experimentation, it has in fact created the new certificate, and I STRONGLY SUSPECT it is asking this question because it thinks I want it to update the web server virtual hosting configuration, which I do not want it to do.
Since I need this to run in a script, the prompting is problematic for other reasons...
...In my opinion, as great as certbot is, its documentation could use some help... Is there an option I can use to suppress this behavior? And, I also think the messages should be more clear about what this second phase is all about (and that it already expanded the cert).
Thanks for your thoughts.