Certbot - Updating domain list

Config: Apache2 on Debian 9

I have added and removed domains from my server and consequently "certbot renew" failed. Apparently, simply enabling and disabling in apache isn't enough. I've had a look at the certbot documentation but I'm not sure how to proceed. My question is how do I add or remove domains in a way certbot will recognize? Example.

Certificate Name: example.com
Domains: domain1.com domain2.com domain3.com domain4.com domain5.com

How would I remove domain2.com & domain4.com ?
How would I add domain6.com & domain7.com ?

I hesitate to use "certbot delete example.com" followed by "certbot install" lest something goes wrong and I lose access to the domains.

Related to this, and for the sake of being thorough, when I "a2dissite site.com" the secure symbolic link is not deleted and must be removed manually.

Thanks in advance.

1 Reply

Okay, here we go.

Use --dry-run flag or risk exceeding the rate limit. Not a big deal but may delay the update for a day or so. The trick here is to use the -domains or -d flag to set the list of [comma separated]domain names. So, to answer the above question…

certbot --dry-run certonly --cert-name example.com -d domain1.com,domain3.com,domain5.com,domain6.com,domain7.com

If that runs successfully, then remove the dry-run flag and do it for real:

certbot certonly --cert-name example.com -d domain1.com,domain3.com,domain5.com,domain6.com,domain7.com

The certificate is renewed at the same time it is updated.

I hope this helps anybody who finds themselves in the same predicament I was in.

Reference: https://certbot.eff.org/docs/using.html#changing-a-certificate-s-domains

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct