Multiple domains multiple certs

My domain are: aaa.to and bbb.to

I ran this command: sudo certbot --apache -d aaa.to --preferred-challenges 'http' --agree-tos --no-redirect --cert-name aaa.to

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
...
Deploying Certificate to VirtualHost /etc/apache2/sites-enabled/000-default-le-ssl.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://aaa.to

My web server is (include version): Apache/2.4.18

The operating system my web server runs on is (include version): Ubuntu 16.04

I can login to a root shell on my machine (yes or no, or I don’t know): yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

When I try to create another cert using sudo certbot --apache -d bbb.to --preferred-challenges 'http' --agree-tos --no-redirect --cert-name bbb.to the /etc/apache2/sites-enabled/000-default-le-ssl.conf file is overwritten thus accessing https://aaa.to does not work anymore.

Is there a way to write a new file instead (ie 000-aaa-to-le-ssl.conf, 000-bbb-to-le-ssl.conf)?

NB: I do not want to issue a certificate for both domains because I would like to be able to add or remove one without affecting other domain names.

1 Like

Hi @thibauds,

You can write one for yourself by hand by not using Certbot's Apache installer (with certbot certonly).

If you would like Certbot to do this for you, it expects that the domains in question would be covered by distinct HTTP virtual hosts in your Apache configuration. It seems like right now they are covered by the same virtual host, and so Certbot changes the certificate back and forth when installing. But if there are two different HTTP virtual hosts with the appropriate names, Certbot will use each of them as a basis for creating a distinct HTTPS virtual host with the appropriate certificate.

Even if the sites are going to serve the same content, keeping them as separate virtual hosts in your web server configuration is probably more conducive to the ability "to add or remove one without affecting other domain names".

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.