I previously set up a certificate using both versions of my primary domain (ayaadvisors.org and www.ayaadvisors.org) as well as some secondary domains that forward to the primary one (ayaadvisors.com, ayaadvisors.net, ayaadvisor.net), and everything has running smoothly until it came time for renewal.
I had since used one of the secondary domains for some testing purposes, so it was no longer pointing to the primary domain, and so it wasn’t passing verification. And I’m not even sure why the other secondary domains were having DNS issues.
I realize now though that it wasn’t necessary to include those secondary domains on the certificate (at least I think that’s correct), and to bypass issues with the secondary domains, I’d like to simply start over again and only create a certificate for the primary domain (and the WWW-version of the domain name).
To my understanding, I can run the
certonly command, generate the new certificate, and then replace the current certificate with the new one.
And so far, I ran…
~/certbot-auto certonly -d ayaadvisors.org -d www.ayaadvisors.org
…which resulted in…
Generating key (2048 bits): /etc/letsencrypt/keys/0000_key-certbot.pem Creating CSR: /etc/letsencrypt/csr/0000_csr-certbot.pem
I’m unclear though on what to do with these files, as /etc/letsencrypt/live/ayaadvisors.org contains 4 files, not 2, and they’re not even named the same:
cert.pem, chain.pem, fullchain.pem, and privkey.pem
Any helpful input regarding how to install the new key and CSR (and perhaps clarify whether these are the only steps necessary for replacing the old certificate) would be great appreciated!
My operating system is (include version): CentOS 6.8
My web server is(include version): Apache 2.2.15
My hosting provider, if applicable, is: HostWinds
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Yes, ZPanel