It produced this output: just seems to mess up the apache2-le-ssl.conf file and inside of a virtual host listing in this file it messes up the path of SSLCertificateFile and SSLCertificateKeyFile
eg I am hosting multiple website say abc.com and xyz.com
in the virtual hosts section of abc.com it will list the path to SSLCertificateFile and SSLCertificateKeyFile as /etc/letsencrypt/live/xyz.com .
It seems to do this when I am adding new SSLs to new domain names via certbot with regular domains (not sub)
My web server is (include version): Server version: Apache/2.4.29 (Ubuntu)
Server built: 2021-11-14T23:52:18
The operating system my web server runs on is (include version):Ubuntu 18
My hosting provider, if applicable, is: NA
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No way!
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.4.0
Big thanks for the free certs - bloody brilliant service from your guys!
That depends on how you intend on using those names.
If all names are going to be hosted within one vhost [using same document root], then it should be fine.
Anything else depends on your specific needs and actual uses.
Well, what looks OK to you might not to us. What you are describing is highly unusual. It almost certainly is that your expectations of what should happen is not correct. Even if you have run into some sort of bug you will need to provide more info than you have. It is just too general to try to do anything with.
This is a misunderstanding. There is no magic between apex domains and subdomains (well, not in this context anyway). They are all just names that Apache matches (via SNI and ports) to VirtualHosts (certbot does similar matching). And, they all look the same in a cert (in the SANs list).
I should add that based on your cert history it looks like you have two cert configs in Certbot for the same set of domain names. And, you have another cert with a much larger grouping of names. There is plenty that can go wrong with that.
Yes I did see that and that's probably the reason for the mess. Yesterday I tried to remove that cert but I still saw it in my /etc/letsencrypt/live directory.
Sorry total noob here when it comes to certs. They worked brilliantly for my standard domains and I was just tying to set up some subdomains for testing new WP installs. I think I understand how they woking better now and probably just a case of RTFM!