Set common name on multi-domain certificate

Hello,

How do I set the common name on a multi-domain certificate? I run certbot with the command

sudo certbot certonly \
	--dns-cloudflare \
	--dns-cloudflare-credentials /etc/letsencrypt/cloudflare.ini \
	-d mx.domain.com -d mail.domain.com

and I got the certificates at /etc/letsencrypt/live/mx.domain.com. Then I checked it and saw that the common name is mail.domain.com, not mx.domain.com. But I need the common name to be strictly set to mx.domain.com.

# openssl x509 -subject -ext subjectAltName -noout -in cert.pem
subject=CN = mail.domain.com
X509v3 Subject Alternative Name:
    DNS:mail.domain.com, DNS:mx.domain.com

My old certificates got their common name from the first domain in the certbot command. But now something has changed at Let's Encrypt and my new certificates get the alphabetically first domain as the common name. Renewed certificates aren't affected.

Welcome to the community @chernyshaw
Yes, there was a recent change in how the Common Name was chosen.

See the topic below for details.

Can you explain why you need the Common Name to be as it is? Because longer term the Common Name won't be used at all.

4 Likes

Thank you for the fast and clear response!

In my case I have 2 mail servers (mx1.domain.com, mail.domain.com) and (mx2.domain.com, mail.domain.com) and now they get mixed up in my monitoring service. But I can manage with it.

2 Likes
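
An added example, not part of the original thread or of certbot: because the Common Name may not be the name listed first (and may disappear entirely), a monitoring script can identify certificates by their SAN set instead. It parses text in the format of the `openssl x509 -subject -ext subjectAltName -noout` output shown above; the sample outputs and the function names are constructed for illustration.

```python
import re

# Constructed sample output of
#   openssl x509 -subject -ext subjectAltName -noout -in cert.pem
# for the two mail servers described in the thread.
SAMPLE_MX1 = """subject=CN = mail.domain.com
X509v3 Subject Alternative Name:
    DNS:mail.domain.com, DNS:mx1.domain.com
"""
SAMPLE_MX2 = """subject=CN = mail.domain.com
X509v3 Subject Alternative Name:
    DNS:mail.domain.com, DNS:mx2.domain.com
"""

SAN_HEADER = "X509v3 Subject Alternative Name:"


def parse_openssl_names(text):
    """Return (common_name or None, sorted tuple of DNS SANs)."""
    cn, sans, in_san = None, set(), False
    for line in text.splitlines():
        if line.startswith("subject="):
            # Accepts "CN = x" and "/CN=x"; an empty subject yields None.
            m = re.search(r"\bCN\s*=\s*([^,/]+)", line)
            cn = m.group(1).strip().lower() if m else None
            in_san = False
        elif line.strip().startswith(SAN_HEADER):  # may end in "critical"
            in_san = True
        elif in_san and line.startswith((" ", "\t")):
            for entry in line.split(","):
                kind, _, value = entry.strip().partition(":")
                if kind == "DNS" and value:
                    sans.add(value.lower())
        else:
            in_san = False
    return cn, tuple(sorted(sans))


def monitoring_key(text):
    """Identify a certificate by its full SAN set, falling back to the CN."""
    cn, sans = parse_openssl_names(text)
    return sans if sans else ((cn,) if cn else ())


def covers(text, hostname):
    """True if hostname is listed as a DNS SAN (exact match, no wildcards)."""
    return hostname.lower() in parse_openssl_names(text)[1]
```

Both sample certificates share the Common Name mail.domain.com, so a monitor keyed on the CN merges them, while `monitoring_key` keeps them apart.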
