Upgraded from ubuntu 14.04 (certbot-auto) to 16.04 with nginx. Are there any catches to upgrade to packaged letsencrypt?


#1

I just upgraded my server from ubuntu 14.04 using webroot on nginx I think with certbot-auto for renewals to 16.04.1 lts.

It appears to still be working, but I’d like to upgrade to the ubuntu 16.04.1 letsencrypt package. Do I just follow the install instructions for letsencrypt from the beginning? I do need to add some additional domains, so a full reinstall wouldn’t hurt, but is there anything I should keep in mind by following the instructions found here: https://certbot.eff.org/#ubuntuxenial-nginx

I currently have a cert for my primary domain…but I’d like to add certs for all of my domains…do I specify them all in one go or do I do them individually? Do I have to do one with www and one without if I want my site to be secure with and without www?

I’d like www.mydomain.com and mydomain.com as well as the same for .org and .net to be secured.

Thanks for the help!


#2

The letsencrypt package in Ubuntu 16.04 is slightly outdated and there are some known compatibility issues with renewal configuration files generated with recent versions of certbot-auto when switching to the Ubuntu package.

That being said, since you’re planning to add or replace some certificates anyway, you could simply get rid of your current configuration (move /etc/letsencrypt somewhere else (as a backup, in case anything goes wrong) or delete it), and start with a new one with the Ubuntu package.

I would probably go for a single certificate for all domains in this case, given that it’s the same domain with different TLDs. With certbot, that’s as simple as passing multiple -d arguments, i.e. -d example.com -d www.example.com -d example.org ....


#3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.