Letsencrypt --expand multiple directories

I would like to Expand an existing certificate by adding a new subdomain.

Currently contains: alpha.test.com
Would like to add: beta.test.com

I have two questions about this.

  1. Each goes to a different site/folder on the server
    alpha.test.com goes to /var/www/alpha.test.com/html
    beta.test.com goes to /var/www/beta.test.com/html

    So does the following command look right:
    sudo letsencrypt certonly -a webroot --expand --webroot-path=/var/www/alpha.test.ca/html -d alpha.test.ca --webroot-path=/var/www/beta.test.ca/html -d beta.test.ca

In my nginx/sites-enabled, I am forcing all non-https traffic to https with the following:
return 301 https://$server_name$request_uri;

Do I need to turn this off for this expansion - and for that matter - each time I need to renew the cert?
My initial tests are giving me invalid response warnings.
Can I force it to call https://alpha.test.com/.well-known… ?

Yep! That looks perfect. If you want it to be more concise, you can write --webroot-path as the short form -w.

No, the CA follows 301 redirects, including 301 redirects to an HTTPS URL, as part of the validation process. Lots of people even use them intentionally as part of their validation setup. If this is failing, there's some other reason, which you can perhaps diagnose or we can try to help figure out.

It worked - Thank you!

Great, glad to hear it!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.