This is what certbot --apache -d domainname1.com accepts (in sites-available .conf files for default and ssl)
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
<Directory /var/www/html/>
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =domainname1.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
<Directory /var/www/html/>
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
# Some rewrite rules in this file were disabled on your HTTPS site,
# because they have the potential to create redirection loops.
# RewriteCond %{SERVER_NAME} =domainname1.com
# RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
ServerName domianname1.com
SSLCertificateFile /etc/letsencrypt/live/domainname1.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domainname1.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
Attempting to add another domain to either the cert by expanding or add a whole new cert for another domain gives two different errors. Both both revolve around a virtual host issue with what’s above.
If I try to do something like this
<VirtualHost *:80>
ServerName domainname1.com
DocumentRoot /var/www/html
<Directory /var/www/html/>
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =domainname1.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:80>
ServerName domainname2.com
DocumentRoot /var/www/html
<Directory /var/www/html/>
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =domainname2.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName domainname1.com
DocumentRoot /var/www/html
<Directory /var/www/html/>
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
SSLCertificateFile /etc/letsencrypt/live/domainname1.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domainname1.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
<VirtualHost *:443>
ServerName domainname2.com
DocumentRoot /var/www/html
<Directory /var/www/html/>
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
#commented out because not setup yet, if I leave this certbot won't install cert either
#SSLCertificateFile /etc/letsencrypt/live/domainname2.com/fullchain.pem
#SSLCertificateKeyFile /etc/letsencrypt/live/domainname2.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
Everything breaks for wordpress (website can’t be found type errors) and certbot won’t setup/install a second domain name cert. And I need certs for about 20 domain names. I assume this will take something manually done instead of relying on the --apache flag? The virtual hosts setup for this situation is what I’ve been trying my google-fu at and have come up short on working solutions. I don’t use www for any of the domains, and want forced https on all of them, and it seems that would be straightforward… but… what am I doing wrong? thank you