Letsencrypt --expand multiple directories

thierce · June 9, 2017, 1:57pm

I would like to Expand an existing certificate by adding a new subdomain.

eg:
Currently contains: alpha.test.com
Would like to add: beta.test.com

I have two questions about this.

Each goes to a different site/folder on the server
alpha.test.com goes to /var/www/alpha.test.com/html
beta.test.com goes to /var/www/beta.test.com/html

So does the following command look right:
sudo letsencrypt certonly -a webroot --expand --webroot-path=/var/www/alpha.test.ca/html -d alpha.test.ca --webroot-path=/var/www/beta.test.ca/html -d beta.test.ca

In my nginx/sites-enabled, I am forcing all non-https traffic to https with the following:
return 301 https://$server_name$request_uri;

Do I need to turn this off for this expansion - and for that matter - each time I need to renew the cert?
My initial tests are giving me invalid response warnings.
Can I force it to call https://alpha.test.com/.well-known… ?

schoen · June 9, 2017, 6:36pm

Yep! That looks perfect. If you want it to be more concise, you can write --webroot-path as the short form -w.

No, the CA follows 301 redirects, including 301 redirects to an HTTPS URL, as part of the validation process. Lots of people even use them intentionally as part of their validation setup. If this is failing, there's some other reason, which you can perhaps diagnose or we can try to help figure out.

thierce · June 9, 2017, 7:11pm

It worked - Thank you!

schoen · June 9, 2017, 7:13pm

Great, glad to hear it!

system · July 9, 2017, 7:13pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.