I’ve installed certificate for Apache web server, using “–apache” Certbot’s command.
Then I’ve used this certbot command to install certificate for mail server, physically located in the same system: “sudo certbot certonly --standalone -d mail.example.com”. Using it, I was asked to stop Apache web server to free port 80.
Here is my question: how to update both certificates automatically? What will happen when I’ll use “certbot update” command next time? Will it update web sites certificates only? If so, then can I add “mail.example.com”, pointed above to my web server’s virtual domains list? Will it allow certbot to update both mail.xxxx and www.xxxx certificates?
Or have you better solution for such automation?
You can use Apache also only for the authentication, as everything runs on the same server you’ve said.
certbot certonly -a apache -d mail.example.com
That should do the trick. You don’t need a virtualhost for that specific hostname, certbot will generate a temporary config for that. If you want, you can add more hostnames, for example:
certbot certonly -a apache -d mail.example.com -d imap.example.com -d smtp.example.com
Whatever you like
Thank you, of course I understand that I can send separate commands for every host.
My question was just about the renewal process. Say, now I have one certificate, installed with --apache key and another one, issued by “manually” using “certonly” command. What will happen when I’ll use “update” command? will both certs be updated? I’d like to setup a cron task. This is why I’m asking.
Yes, you can just use
certbot renew. However, you’ll probably need to reload your mail services. You can use
--deploy-hook to execute a script to do that.
Thank you for the explanation.
Is there any code sample I could use in order don’t invent a wheel?
I’m not familiar with off the shelf scripts, sorry. Although it shouldn’t have to be more than two lines: the reload commands aren’t that difficult
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.