I have a ssl running on the multiple domains like www1.domain.com, www2.domain.com, www3.domain.com, www4.domain.com. sharing same web root like /var/www/ssl. I need to add more domains to the existing ssl like www5.domain.com, www6.domain.com so, How can I do the same. Any help?
What kind of software and hosting environment are you using? How did you get your original certificate?
I would say “more of whatever you’ve already done” should continue to do the trick.
That said, and since you say that they all go to the say root, I would save time and effort and make one cert with all the names in them.
And if you wait until (after) Christmas… Santa will be bringing us all FREE wildcard certificates from LE.
Which means, one *.domain.com cert could handle all your current (and future) sites.
I am using letsencrypt on ubuntu. I am not sure about the original certificate because the guy who installed was left the company.
Here is the below command i get from history:
./letsencrypt-auto certonly --webroot -w /var/www/ssl/ -d www1.domain.com -w /var/www/ssl/ -d www2.domain.com -w /var/www/ssl -d www3.domain.com
so the main shared ssl is www1.domain.com
You should be able to re-run the same command, adding additional -w
and -d
options to reflect the webroot directories and domains for the other names that you want added to your certificate. This should update /etc/letsencrypt/live
with a new certificate accessible in the same location that also covers the other names.
There is a possibly counterintuitive behavior that may occur¹ if you don’t also list all of the existing names in the new command, but if you list all of the existing names as well as the new names, everything should be fine. You can check with ./letsencrypt-auto certificates
.
More than a year ago, the name of the letsencrypt
tool was changed to certbot
, so all current documentation will refer to certbot-auto
instead of letsencrypt-auto
. However, the old name of the software still also works for backwards compatibility reasons.
¹ This would result in partially duplicative overlapping certificates that are named, managed, and renewed separately.
Great Man, Thanks for the solution. I’ll try. Thanks for your help.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.