
Letsencrypt add subdomain to the ssl certificate of an already existent domain

Discussion in 'Domains, DNS, Email & SSL Certificates' started by Kintaro, May 3, 2020.

  1. Kintaro

    Kintaro Member

    Hello locked-down fellows :doctor:,

    some years ago I asked this:
    Letsencrypt - multiple top level domains in a single webroot

    Now, can I do the same thing if I want to add a subdomain instead of a top-level domain to the same webroot?

    I want to add Nextcloud to an existing vhost; I want to install it in a webroot subdir and I would like to give it "cloud.domain.com".

    Do I simply have to follow the directions for multiple top-level domains up here and, instead of domain2.com, add cloud.domain.com?

    I would like to use a single Nginx configuration (or do you suggest against it?).
     
  2. eva2000

    eva2000 Administrator Staff Member

    Yeah, you should be able to do the same again; just back up the /usr/local/nginx/conf/ssl/yourdomain.com directory, which has the existing Letsencrypt SSL certs, just in case.
     
  3. KlueMaster

    KlueMaster Member

    Hi,

    I've tried this to get a certificate for a newly added subdomain on a WordPress multi-site.

    However, I get the following error:
    Code:
    Error, can not get domain token entry *.wappbuy.com for http-01
    The supported validation types are: dns-01 , but you specified: http-01
    
    Could you please help?

    Also, would I need to do anything to get certificates automatically reissued after 60 days? Would any changes to ssl.conf be required after certificate reissue each time?

    Thanks!
     
  4. eva2000

    eva2000 Administrator Staff Member

    Wildcard Letsencrypt SSL certs aren't supported for default webroot authentication and are only supported via DNS domain authentication, which is supported in the acme.sh client used by addons/acmetool.sh. But wildcard Letsencrypt SSL certs are not supported by acmetool.sh itself, so they are not supported in centmin.sh menu option 2, 22 or nv and can only be done manually via the acme.sh client + manual install and configuration of the nginx vhost/cert.

    So if you don't need a wildcard, change *.wappbuy.com to a specific subdomain name, i.e. subdomain.wappbuy.com, and you will be able to do the above-listed acme.sh manual commands.

    Nothing else needed
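
A pre-flight check for the situation discussed in this thread, as an added example that is not part of any post and is not Centmin Mod or acme.sh code: before reissuing, it reports whether each requested name is already covered by the certificate's current names and, if not, whether webroot (http-01) validation can be used or only dns-01, as the error above states for wildcards. The function names and the example.com names are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify names before adding them to an existing certificate.
# All domain names are constructed placeholders.

# san_covers SAN HOST: succeeds if a certificate name (exact or wildcard)
# covers HOST. A wildcard stands for exactly one left-most label, so
# *.example.com covers cloud.example.com but not example.com or a.b.example.com.
san_covers() (
  san=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
  host=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
  [ "$san" = "$host" ] && exit 0
  case $san in
    '*.'*) base=${san#'*.'} ;;
    *) exit 1 ;;
  esac
  rest=${host#*.}                       # host with its first label removed
  [ "$rest" != "$host" ] && [ "$rest" = "$base" ]
)

# plan_name NAME SAN...: prints what has to happen for NAME given the
# names already on the certificate.
plan_name() (
  name=$1; shift
  for san in "$@"; do
    if san_covers "$san" "$name"; then
      echo "covered-by:$san"; exit 0
    fi
  done
  case $name in
    '*.'*) echo "add:dns-01-only" ;;    # wildcards cannot use webroot/http-01
    *)     echo "add:http-01-ok" ;;     # a specific subdomain can use webroot
  esac
)

# Constructed sample: names on the current certificate and names wanted.
existing="example.com www.example.com"
for n in cloud.example.com www.example.com '*.example.com'; do
  printf '%s -> %s\n' "$n" "$(plan_name "$n" $existing)"
done
```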