Let's Encrypt certbot - add a new domain to certificate

Question

I have certbot installed and it created a certificate for a few domains that I host and that's working - I got a single certificate that covers all the domains. Now I want to add a new domain to the certificate. I saw the the domain roots are listed in /etc/letsencrypt/renewal/domain.com.conf and I added the relevant entry to the domain there (under the [[webroot_map]] section). I then ran

certbot-auto renew --force-renew

Which renewed the certificate (verified the certificate issue date in the browser), but the newly added domain is not listed in the certificate.

Where do I need to add the domain in order to get it added to the certificate?

score 4 · Accepted Answer · edited Apr 01 '18 at 10:56

4

It is not possible to add a new domain or subdomain to an existing certificate as part of the renewal process (see certbot on GitHub for confirmation of this - issue #2230). The solution is to create a new certificate using the same syntax you used originally and adding your new domain with the -d flag.

edited Apr 01 '18 at 10:56

v_2e

329
3
11

answered Sep 13 '16 at 14:00

Josh Wieder

401
3
6

Let's Encrypt certbot - add a new domain to certificate

1 Answers1