The canonical name for my web domain is not on the same server as the subdomains I want to secure

We have a domain where the website is hosted with Weebly using their certificate, but I need to protect a couple of subdomains on our own Ubuntu/Apache server. The server hosting the 2 subdomains I want to protect is already set up using an expensive GoDaddy SAN certificate which is expiring soon, and I'd like to use a Let's Encrypt certificate for them instead.

However, reading through all the documentation I can find, the command line for setting this up always includes the canonical name for the domain, then the subdomains. But the actual DNS records do not point to the same IP address as the subdomains, and I can't do anything about the Weebly certificate on the main website.

Is this configuration possible?


Sure, just request a certificate for those subdomain(s) on the server running those subdomain(s).


So, on my Ubuntu/Apache server, I just use:

sudo certbot --apache -d -d

...but NOT include the "base domain" "-d", which is on the Weebly system?




Perfect, thanks very much! I was misled by every tutorial I read, where it seemed like the "base domain" was a required part of the command, but I was obviously just interpreting the examples wrong.

Thanks for your speedy response, really appreciate it!
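
An added example, not part of the thread above: a small shell sketch that builds the `-d` list from only the names that resolve to the local server, since `certbot --apache` has to validate every name it is given against the host that name points to. The hostnames, IP addresses and function names (`select_names`, `build_certbot_cmd`) are constructed for illustration.

```shell
#!/bin/sh
# Added example: choose which names to pass to certbot with -d.
# The base domain hosted elsewhere (Weebly in the thread) is left out
# because it does not resolve to this server.

# Constructed sample data: "hostname resolved-IPv4" per line.
# On a real server, look each one up with e.g.: dig +short "$name" A
SAMPLE_RECORDS='example.com 198.51.100.20
www.example.com 198.51.100.20
app.example.com 192.0.2.10
mail.example.com 192.0.2.10'

# select_names SERVER_IP  (reads "name ip" lines on stdin)
# Prints the names that resolve to SERVER_IP, one per line.
select_names() {
    server_ip=$1
    while read -r name ip; do
        [ -n "$name" ] || continue
        if [ "$ip" = "$server_ip" ]; then
            printf '%s\n' "$name"
        else
            printf 'skip %s (points to %s, not this server)\n' "$name" "$ip" >&2
        fi
    done
}

# build_certbot_cmd SERVER_IP  (reads "name ip" lines on stdin)
# Prints the certbot command line; returns 1 if no name qualifies.
build_certbot_cmd() {
    names=$(select_names "$1")
    [ -n "$names" ] || { echo 'no names point to this server' >&2; return 1; }
    cmd='sudo certbot --apache'
    for n in $names; do
        cmd="$cmd -d $n"
    done
    printf '%s\n' "$cmd"
}

# Prints the command only; it does not run certbot.
printf '%s\n' "$SAMPLE_RECORDS" | build_certbot_cmd 192.0.2.10
```

Names that are skipped are reported on stderr, so the printed command can be reviewed before it is run.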


