I recently installed a new certificate with the official Let’s Encrypt client, following the instructions from the website:
$ git clone https://github.com/letsencrypt/letsencrypt
$ cd letsencrypt
$ ./letsencrypt-auto --apache
On the Which names would you like to activate HTTPS for? prompt, the domains were listed in the following order:
No selections were changed, I agreed to the license agreement, entered contact email, and it prompted me that certificates were already installed and not expiring soon. These were test certificates that I installed using:
$ ./letsencrypt-auto --apache --test-cert
Now this may seem like a small nitpick, but it actually makes the directory structure different and this would be more obvious with a different subdomain name.
My current certificate can be viewed here and the SSL Server Test here.
Apache Config File (before running Let’s Encrypt client):
<VirtualHost *:80>
ServerAdmin webmaster@atomicspark.net
ServerName atomicspark.net
ServerAlias www.atomicspark.net
DocumentRoot /var/www/atomicspark.net/public_html/
ErrorLog /var/www/atomicspark.net/logs/error.log
CustomLog /var/www/atomicspark.net/logs/access.log combined
</VirtualHost>
Expected:
- Certificate to be issued to the atomicspark.net domain, the Subject Alternate Name to have both atomicspark.net and www.atomicspark.net
- Directories created by installer to be named atomicspark.net and not www.atomicspark.net
Workaround:
What’s the best way to force the Subject and Common certificate names and directory paths, while keeping it compatible with the Apache module and auto renewal?
Thank you.