Is this possible?



I’m new to letsencrypt, but I have read the howto’s and still am unable to figure out if what I want is at all possible.
Already have a letsencrypt certificate for my site, but this one is nearing it’s expiration. Last time I checked, the domain was not in the PSL (therefore unable to prolong the certificate), so I tried to search for ways around this.
One post I could find mentioned to get a (cheap) domain (in my case that would be *, and have this domain redirect to the domain.
Now I am the proud owner of, and a bunch more, and my provider lets me change the DNS A record so that * points to

My question now is if it is possible to get a letsencrypt certificate for (or *, and use this certificate on my Apache server on my own linux box.

The flow of network traffic would be something like this (I imagine…) :slight_smile:

internet -> -> my apache server which has the letsencrypt cert -> redirect

The redirect is not quite correct. I have the DNS A record for * pointing to the ip for

I hope my question is clear, but in any case the answer to it is not clear to me.

Hope someone can help me out here.

Hans (duh…)


Hello @phloks,

You are right is not included in PSL, anyway, right now you could issue a certificate for your domain (there are 10 remaining certs). Also, keep in mind that the rate limits have changed and now the limit are 20 certs per 7 days but what is more interesting, there is an exception to this limit for renewing certificates (issuing a new certificate with same names as a previous one) so doesn’t matter whether domains for hit the 20 limit, if you already issued your cert, you could renew it.

I don’t really understand what’s your final goal so let me guess it.

You already have a domain and you use it because it is free and/or because it allows to perform Dynamic DNS Changes. Now you get your own domain and you want to use it as your main domain but I don’t understand why you want to redirect to If you perform that redirect, you will need 2 valid certificates, 1 for and 1 for

So, I think that you want to use but you need to update the dynamic ip of your home/office where you will serve your web site so I would recommend to change your DNS A records for and * and use a canonical name (CNAME) pointing to CNAME

Using this approach your main domain will point to your dynamic ip and you will only need certificates for your domains. Of course, you should configure your Apache to serve but you already did it for your domain so that should not be a problem to you :).

I don’t know whether I made this post very clear or maybe I didn’t understand your final goal so if you have any question, let me know.



Hi Sahsanu,

Thanks !
You made it a lot more clear to me how I should handle this issue.
I’ll try implementing the CNAME stuff (if my provider lets me do that…)



This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.