I’ve deployed a Linux Nginx-based server on which I request my certificates from Let’s Encrypt (certonly). I also wrote a script for monthly renewals. So far, everything works well.
My requests are based on a config file (using --config option) in which I specified all my domains:
Therefore, I get a certificate with a SAN in it for each one of my domains which is great.
But here comes the problem: The CN is not the first declared domain as it should be! Instead and for any appearant reason, it is domain3.net.
I host my company’s website and I have a reverse proxy for some clients so yes, it is important to me because even if it is perfectly working, I’d like to show my company’s domain (domain1.de) as the CN and not one of my client’s one (domain3.net) on the browsers.
I tried to reorder the line, remove domains and asking brand new certificates then reinsterted them, I even tried to reorder the renewal conf (/etc/letsencrypt/renewal/domain1.de.conf) in which they are not ordered as in the config file by the way…
Anyone had similar problems? Thanks for any kind of help!