Update without server restart and www/non-www certificates


#1

Hi,

First thanks for such a great service! Today I received an Email invitation with my domains accepted, though, documentation seems a bit messy for me. I need to just make sure:

  1. If I want to issue a certificate that’s both available for root domain and the one with www (example.com and www.example.com), do I need to issue a command like that:

    -d example.com

or like that:

-d example.com www.example.com
  1. I’m running nginx on a production server and need to configure certificates for a few websites without downtime. What would be the best and appropriate way to do this?

Thanks to anyone for help!


#2
  1. All domains must be explicitly defined, e.g. -d example.com -d www.example.com
  2. nginx supports both zero-downtime conf (cert) reload and daemon restart. Depending on your distribution it may be as easy as service nginx reload or systemctl reload nginx for the first case, and a little trickier for the second. Relevant docs.

#3

Webroot authentication is probably the method you want to use: