SSL for multiple sites

I have two sites on the same server. If I add Let's Encrypt on one site, it gets deleted on the other site. How can I make Let's Encrypt work on both sites at the same time? I am using Bitnami on Amazon Lightsail.

Site 1: hello.com
Site 2: hi.com

I am really lost at this so I hope you can guide me through it.

Many thanks!


Hi @duha, and welcome to the LE community forum.

This sounds like a problem being created by Bitnami.
In general, I would say that you should obtain a single cert for both names.
But I can't be certain if that would even fix the problem.

Many thanks for the reply!

I do agree with your solution that I should obtain a single cert for both names, but I really do not know how to do so. Can you help me on my way?


Start here:
Using Bitnami? Please see Bitnami's documentation! - Help - Let's Encrypt Community Support (letsencrypt.org)

This is actually the guide I followed and it did work but only for one site at a time. As soon as I create a certificate for my other site, it would overwrite the other certificate.

I'm not familiar with Bitnami, so I'm not sure how it works, but if I read the guide correctly, the webserver (Apache or nginx) seems to be configured to read the certificate from a single location. So it's expected to overwrite the previous certificate: there just isn't any way to have multiple certificates next to each other with Bitnami. At least, not as far as I can read from the guide.

The guide actually does tell you how to add multiple hostnames into a single certificate. In step 2 the lego command tells you how to get a certificate for DOMAIN and www.DOMAIN. This is easily expanded to DOMAIN_1, www.DOMAIN_1, DOMAIN_2 and www.DOMAIN_2 of course.

In conclusion: Bitnami is terrible when it comes to interoperability with certificates and Let's Encrypt (or any other ACME service for that matter), but including 2 domain names into a single certificate shouldn't be an issue.

Also notice that in step 5, renewing the certificate, the lego command used mentions --days 90, which is not the 60 days recommended by Let's Encrypt. If something goes wrong with 90 days, the lifetime of the certificate, your site will experience certificate errors as the certificate would have expired. Let's Encrypt recommends renewing after 60 days (or 30 days before expiry), not on the day of expiry itself. That's just Russian roulette with TLS certificates, I guess.

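The approach described in the reply above, as an added example that is not part of the thread or of Bitnami's guide: one lego request covering every hostname, renewal once 30 days or fewer remain, and a check that the resulting certificate really lists all names. `EMAIL`, `LEGO_PATH`, the certificate path and the `--tls` challenge choice are assumptions, and the helper function names are hypothetical.

```shell
#!/bin/sh
# Added example. All values below are placeholders, not taken from the guide.
SITES="hello.com hi.com"
EMAIL="admin@example.com"
LEGO_PATH="/path/to/lego-data"                   # directory passed to lego --path
CERT="$LEGO_PATH/certificates/hello.com.crt"     # lego names the file after the first domain

# Print one --domains flag per hostname the single certificate must cover.
lego_domain_args() {
    for site in "$@"; do
        printf '%s\n' "--domains=$site" "--domains=www.$site"
    done
}

# Run a lego action ("run", or "renew --days 30") for all sites at once.
lego_all_sites() {
    # Unquoted on purpose: hostnames contain no whitespace, so splitting is safe.
    lego --tls --email="$EMAIL" --path="$LEGO_PATH" $(lego_domain_args $SITES) "$@"
}

# Print every expected hostname that is absent from the certificate's SAN list.
missing_sans() {
    cert=$1; shift
    sans=$(openssl x509 -in "$cert" -noout -ext subjectAltName) || return 2
    for site in "$@"; do
        for name in "$site" "www.$site"; do
            printf '%s\n' "$sans" | tr -d ' ' | tr ',' '\n' \
                | grep -qxF "DNS:$name" || echo "$name"
        done
    done
}

# Exit status 0 when the certificate expires within the given number of days.
expires_within_days() {
    ! openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null
}

# Usage:
#   lego_all_sites run                  # first issuance: one cert, four names
#   lego_all_sites renew --days 30      # renews only when <= 30 days remain
#   missing_sans "$CERT" $SITES         # prints nothing when all names are covered
#   expires_within_days "$CERT" 30 && echo "renewal overdue"
```

Running `missing_sans` after each issuance catches the case from this thread, where requesting a certificate for one site silently replaces the one that covered the other.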
