Official Apache Client Issues Certificate to ServerAlias over ServerName

I recently installed a new certificate with the official Let’s Encrypt client, following the instructions from the website:

$ git clone
$ cd letsencrypt
$ ./letsencrypt-auto --apache

On the Which names would you like to activate HTTPS for? prompt, the domains were listed in the following order:

No selections were changed, I agreed to the license agreement, entered contact email, and it prompted me that certificates were already installed and not expiring soon. These were test certificates that I installed using:

 $ ./letsencrypt-auto --apache --test-cert

Now this may seem like a small nitpick, but it actually makes the directory structure different and this would be more obvious with a different subdomain name.

My current certificate can be viewed here and the SSL Server Test here.

Apache Config File (before running Let’s Encrypt client):

<VirtualHost *:80>
        DocumentRoot /var/www/
        ErrorLog /var/www/
        CustomLog /var/www/ combined



What’s the best way to force the Subject and Common certificate names and directory paths, while keeping it compatible with the Apache module and auto renewal?

Thank you.

I think you’re running into a bug that’s been introduced in the last release which causes the domain order to be scrambled. It’ll be fixed in 0.6.0. More details on GitHub:

You could try downgrading to 0.4.* or running from master (you should expect things to break occasionally with that option).

This probably won’t change the directory name in /etc/letsencrypt/live unless you start with a clean configuration.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.