Let's encrypt for multiple domains on the same server


#1

Hi!

We need to use Let’s Encrypt for multiple domains (so multiple certificates), more than 1000 domain names.

It’s a cluster with one Apache config for all domains, each domain in a different folder.

Is that kind of thing possible with the awesome Let’s Encrypt?

Thanks a lot!


#2

In short - yes.

I’d set up a test (with just a few domains) using the test / staging server to check you have everything working before trying to do all of them. Should be fine though.


#3

How would I do that? I just installed it on my 14.04 Ubuntu Apache2 for one of my domains, now I want to install it on a second, and when I run the commands given by certbot, it only shows one domain in “Which names would you like to activate HTTPS for”


#4

You will need to set up virtual hosts:

https://httpd.apache.org/docs/2.4/vhosts/examples.html

Each virtual host will need its own cert and key paths. You can have a common folder for all certs and keys and differentiate them by name.

Every time certbot renews the certificate it will write to a directory of your choosing.

Sample SSL configs for virtual hosts:

https://mozilla.github.io/server-side-tls/ssl-config-generator/


#5

Thanks a lot for your answers 🙂

But there is a problem: we are using a single VirtualHost with a RewriteMap.

Something like this:

<VirtualHost 123.456.789:80>
ServerName localhost
RewriteEngine on
RewriteMap lowercase int:tolower
RewriteMap vhost txt:/home/configserv/virtualhost.map
......
</VirtualHost>

And in the virtualhost.map:
www.client-1-example.com /home/web/clients/1
www.client-2-example.com /home/web/clients/2
www.client-n-example.com /home/web/clients/N

Any idea how we could proceed?

Thanks! (and happy week…)


#6

First I’ll just expand slightly (for the clarity of others who may read this thread as well). There are two different things here: the Certificate Authority (Let’s Encrypt) and whatever client you use to get the certificates from Let’s Encrypt - certbot being the official client, and there are many alternative clients.

So in answer to your initial question - does the CA (Let’s Encrypt) support what you want to do - yes.

As for your subsequent question of how, it depends which of the many clients is best suited to your requirement. Certbot requires the Apache config in separate virtual hosts if you want to do it automatically from there. Other clients are slightly different, and could potentially read from your virtualhost.map. With limited information about your setup though, it’s tricky to give detailed, accurate advice.
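
An added example, not part of any post in this thread and not code from certbot or Let’s Encrypt: one way to drive a client from the virtualhost.map shown in post #5, by validating each entry and building one `certbot certonly --webroot` call per hostname against the staging server, as post #2 advises. It assumes each hostname’s files are served over port 80 from its mapped folder and that every folder lives under `/home/web/clients`; the sample map lines and the function names are constructed for illustration.

```python
import re
import shlex
from pathlib import PurePosixPath

# Constructed sample in the format from post #5: "<hostname> <document root>".
SAMPLE_MAP = """\
# constructed sample entries
www.client-1-example.com /home/web/clients/1
WWW.Client-2-Example.com /home/web/clients/2
www.bad_host;id.example /home/web/clients/3
www.client-4-example.com /home/web/clients/../../etc
"""

BASE = PurePosixPath("/home/web/clients")  # assumed parent of every client folder
LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")  # one DNS label, no edge hyphens

def valid_host(name):
    labels = name.split(".")
    return (len(name) <= 253 and len(labels) >= 2
            and all(LABEL.fullmatch(label) for label in labels))

def parse_map(text):
    """Return ({host: docroot}, [rejected raw lines]) from the map text."""
    good, bad = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        host = parts[0].lower()  # the vhost lowercases lookups (int:tolower)
        root = PurePosixPath(parts[1]) if len(parts) == 2 else None
        # Refuse odd hostnames and folders that escape the client tree.
        if (root is None or not valid_host(host) or ".." in root.parts
                or BASE not in root.parents):
            bad.append(raw)
            continue
        good[host] = str(root)
    return good, bad

def certbot_argv(host, root, staging=True):
    """argv list (no shell parsing) for one certificate per hostname."""
    argv = ["certbot", "certonly", "--non-interactive", "--webroot",
            "-w", root, "-d", host, "--cert-name", host]
    return argv + ["--staging"] if staging else argv

if __name__ == "__main__":
    hosts, rejected = parse_map(SAMPLE_MAP)
    for h, r in hosts.items():
        print(shlex.join(certbot_argv(h, r)))
    for line in rejected:
        print("skipped:", line)
```

Passing the argv list to `subprocess.run` without `shell=True` keeps a malformed map entry from ever being interpreted by a shell; rejected lines are reported rather than silently dropped so the map can be corrected.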

