Procedure for changing from http-01 to dns-01

My environment:

  • latest certbot in docker
  • using http-01 challenge
  • data and logs are saved in a named volume

I want wildcard certs, so I want to change from http-01 to dns-01.

Can I reuse the same data volume, and thus keep my historical logs, certs, config, etc.? If so, must I change anything (other than the dns plugin config)?

Or must I start from fresh?

1 Like

Yes.

2 Likes

FYI, if you have a certificate named “example.com” with "example.com and www.example.com" in it, and you want to replace it with "example.com and *.example.com", you can use “--cert-name example.com” to have Certbot save the new certificate with the same name.

Otherwise, by default, Certbot would save it with the name example.com-0001 because it’s not a superset of the previous certificate.

2 Likes

@mnordhoff Thanks!

I assume I only need to do that the first time - after that I don’t need the --cert-name option?

1 Like

Right. You only need it when replacing the certificate the first time.

(And it’s just about the domain names in the certificate. You don’t need it when adding names, or when just changing the validation method, or something.)

1 Like
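The naming rule from the replies above, as an added example that is not part of the original thread and is not Certbot's own code. The function names are hypothetical, the domain lists are constructed samples (names separated by single spaces), and the script models only the rule as stated in the thread, not Certbot's interactive prompts.

```shell
#!/bin/sh
# Added illustration. Function names are hypothetical and all domain
# lists are constructed sample values.

# covers NEW OLD: succeeds when every name in OLD also appears in NEW.
# The body runs in a subshell with globbing off so that a wildcard name
# such as *.example.com is treated as literal text, not a file pattern.
covers() (
    set -f
    for old in $2; do
        case " $1 " in
            *" $old "*) ;;
            *) exit 1 ;;
        esac
    done
    exit 0
)

# default_name CERT_NAME OLD NEW: the name the thread says the new
# certificate is saved under when --cert-name is not given.
default_name() {
    if covers "$3" "$2"; then
        printf '%s\n' "$1"
    else
        printf '%s\n' "$1-0001"
    fi
}

# name_args CERT_NAME OLD NEW: name-related arguments for the request,
# adding --cert-name only when the default would pick a new name.
# Each -d value is single-quoted so the printed line is safe to paste.
name_args() (
    set -f
    args=""
    covers "$3" "$2" || args="--cert-name $1"
    for d in $3; do
        args="${args:+$args }-d '$d'"
    done
    printf '%s\n' "$args"
)

old="example.com www.example.com"      # names in the existing certificate
new="example.com *.example.com"        # names wanted after moving to dns-01
echo "default name without --cert-name: $(default_name example.com "$old" "$new")"
echo "name arguments: $(name_args example.com "$old" "$new")"
```

The flags for the DNS plugin are left out because the thread does not say which plugin is in use.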
