I recently received the letsencrypt Digest mail where I spotted the topic “Help us test renewal with “letsencrypt renew”” and today I received the expiry warning. So I did give it a try and followed the instructions. But the renew command failed, it used standalone plugin while Apache was running. Which is fine, because I initially used the standalone plugin.
Now I have a Apache2 config with three domains, one domain uses the letsencrypt certs. Since renew param didn’t work, I started letsencrypt directly and it didn’t show me the correct domains to request certificates for. It showed only one domain from the three domains in the Apache2 config. So I cancelled and added -d param with my domains (-d example.com -d www.example.com).
letsencrypt somehow managed to renew the certificates, but changed the Apache2 config and left it messed up. The problem was letsencrypt added the various cert entries to the other domains. Best thing would be letsencrypt just does the renewal and does not change the Apache2 configuration at all.
The question is, how can I prevent letsencrypt from editing the Apache2 configuration but in the same time, make letsencrypt renew work?
And is it save to post letsencrypt logs so you guys can take a look at?