Certbot - Updating domain list
Config: Apache2 on Debian 9
I have added and removed domains from my server and consequently "certbot renew" failed. Apparently, simply enabling and disabling in apache isn't enough. I've had a look at the certbot documentation but I'm not sure how to proceed. My question is how do I add or remove domains in a way certbot will recognize? Example.
Certificate Name: example.com
Domains: domain1.com domain2.com domain3.com domain4.com domain5.com
How would I remove domain2.com & domain4.com ?
How would I add domain6.com & domain7.com ?
I hesitate to use "certbot delete example.com" followed by "certbot install" lest something goes wrong and I lose access to the domains.
Related to this, and for the sake of being thorough, when I "a2dissite site.com" the secure symbolic link is not deleted and must be removed manually.
Thanks in advance.
1 Reply
Okay, here we go.
Use --dry-run flag or risk exceeding the rate limit. Not a big deal but may delay the update for a day or so. The trick here is to use the -domains or -d flag to set the list of [comma separated]domain names. So, to answer the above question…
certbot --dry-run certonly --cert-name example.com -d domain1.com,domain3.com,domain5.com,domain6.com,domain7.com
If that runs successfully, then remove the dry-run flag and do it for real:
certbot certonly --cert-name example.com -d domain1.com,domain3.com,domain5.com,domain6.com,domain7.com
The certificate is renewed at the same time it is updated.
I hope this helps anybody who finds themselves in the same predicament I was in.
Reference: https://certbot.eff.org/docs/using.html#changing-a-certificate-s-domains