I was succesffully asking and implementing letsencrypt certificate for my tomcat instance for www.projet-okinawa.ch.
The first request was for www.projet-okinawa.ch domain name only that correspond to what it is used externally to acces our web site externally.
The Fully Qualified Domain Name of the server is however different. It is constrained by our virtual host provider.
This is why we requested a certificate a second time by asking it for two domain name (-d www.projet-okinawa.ch -d os-vps133.infomaniak.ch). Everything went well. The command executed sucessfully. But when I explore the certificate or the key files I can see only one Subject Alternate Name (www.projet-okinawa.ch), the one that correspond to the subject and the first one that was asking for. Is it a bug ? or maybe I did something wrong ?
Extract from openssl x509 -text -in fullchain.pem
Version: 3 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let’s Encrypt, CN=Let’s Encrypt Authority X1
Not Before: Mar 12 09:46:00 2016 GMT
Not After : Jun 10 09:46:00 2016 GMT
X509v3 Subject Alternative Name:
X509v3 Certificate Policies:
Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/