[RESOLVED] Certbot - how to specify webroot for unmatched domains?


#1

I am using

certbot certonly --webroot --webroot-path /var/www/htdocs/webroot -w /var/www/htdocs/webroot -d example.com -w /var/www/htdocs/example1 -d example1.com -w /var/www/htdocs/example2 -d example2.com

What I get is

Using the webroot path /var/www/htdocs/example2 for all unmatched domains

So what is the point of the --webroot-path option if it is being ignored.

I would like to see

Using the webroot path /var/www/htdocs/webroot for all unmatched domains

How may I adapt my command to achieve this?


#2

I’m not sure that I fully understand your question.

the --webroot-path applies to all the domains that follow, until there is another --webroot-path

so if you have --webroot-path /patha -d domain1 -d domain2 --webroot-path /pathb -d domain3 -d domain4 -d domain5

Then /patha will be used by domains1 & 2
/pathb will be used by domains 3,4 & 5

from the documentation

When requesting a certificate for multiple domains, each domain will use the most recently specified --webroot-path. So, for instance,

certbot certonly --webroot -w /var/www/example/ -d www.example.com -d example.com -w /var/www/other -d other.example.net -d another.other.example.net

would obtain a single certificate for all of those names, using the /var/www/example webroot directory for the first two, and /var/www/other for the second two.

#3

Thanks a lof for having a look at my question and answering it.

Well the documentation does not tell at least in this spot that the -w option is an alias for the --webroot-path option. It verbosely explains the latter and the examples uses the first, i.e. the alias. That’s what got me off track regarding this option. :frowning:

What I wanted to know it how I can specify the webroot for unmatched domains. Indeed that was not really clear from my description. O_o

Now I can also self-answer: Since it always uses the last webroot specified the command should be:

certbot certonly --webroot -w /var/www/htdocs/example1 -d example1.com -w /var/www/htdocs/example2 -d example2.com -/var/www/htdocs/webroot -d example.com

Everything is in fluff now. :slight_smile:


#4

The paragraph above in the documentation …

In addition, you’ll need to specify –webroot-path or -w with the top-level directory (“web root”) containing the files served by your webserver. For example, --webroot-path /var/www/html or --webroot-path /usr/share/nginx/html are two common webroot paths.

If you’re getting a certificate for many domains at once, the plugin needs to know where each domain’s files are served from, which could potentially be a separate directory for each domain. When requesting a certificate for multiple domains, each domain will use the most recently specified --webroot-path. So, for instance,

certbot certonly --webroot -w /var/www/example/ -d www.example.com -d example.com -w /var/www/other -d other.example.net -d another.other.example.net

would obtain a single certificate for all of those names, using the /var/www/example webroot directory for the first two, and /var/www/other for the second two.


#5

Ah, ok. My bad. Senior moments. Still I believe that the example should use --webroot-path instead of -w, just for consistency’s sake.


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.