0

This time when I used certbot it created a certificate for "www.$website" instead of $website. This is not what I need.

Here it is:

  $ website="my_website123.com"
  $ sudo certbot certonly --standalone -d $website -d www.$website --email admin@$website           
  Saving debug log to /var/log/letsencrypt/letsencrypt.log
  Plugins selected: Authenticator standalone, Installer None
  Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
  Cert not yet due for renewal

  You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
  (ref: /etc/letsencrypt/renewal/www.my_website123.com.conf)

  What would you like to do?
  -------------------------------------------------------------------------------
  1: Keep the existing certificate for now
  2: Renew & replace the cert (limit ~5 per 7 days)
  -------------------------------------------------------------------------------
  Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
  Renewing an existing certificate
  Performing the following challenges:
  http-01 challenge for my_website123.com
  http-01 challenge for www.my_website123.com
  Waiting for verification...
  Cleaning up challenges

  IMPORTANT NOTES:
   - Congratulations! Your certificate and chain have been saved at:
     /etc/letsencrypt/live/www.my_website123.com/fullchain.pem
     Your key file has been saved at:
     /etc/letsencrypt/live/www.my_website123.com/privkey.pem
     Your cert will expire on 2018-10-18. To obtain a new or tweaked
     version of this certificate in the future, simply run certbot
     again. To non-interactively renew *all* of your certificates, run
     "certbot renew"
   - If you like Certbot, please consider supporting our work by:

     Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
     Donating to EFF:                    https://eff.org/donate-le

Why did it create one for "www" instead of the bare domain?

On all my own servers this exactly command has always created a cert. without "www" - this is what I need. I even tried yesterday on a different server -- without "wwww".

How can I make it create a cert. without "www"?

Katta
  • 19
  • 2
  • What versions of certbot are you running on the server where it works as intended and on the server where it behaves differently? – Gerald Schneider Jul 20 '18 at 06:56
  • 1
    I think you're confusing the name of the file containing the certificate with the names that the certificate is for. This certificate is for your domain _and_ your domain with www. prepended to it (as most people will blindly type www. in fornt of whatever domain you have, now both are supported by the certificate). – wurtel Jul 20 '18 at 07:48
  • You already have a cert that works both ways. Do nothing. – Michael Hampton Jul 20 '18 at 18:10

1 Answers1

3

If you're trying to obtain a cert without the www subdomain, remove -d www.$website from your command.
That part of your command is asking for the www subdomain.

If you're trying to set the name of the resulting certificate file use --cert-name $website, but keep both -ds.

84104
  • 12,905
  • 6
  • 45
  • 76
  • I believe the question is about the "www" in the filepath ... as was the first question more clearly, which you marked as a duplicate of this question. – Gerald Schneider Jul 20 '18 at 05:56
  • I'm saying - I used the exactly same command on my different server and it didn't create a "www" cert – Katta Jul 20 '18 at 06:51