How to add a domain to existing certificate generated by Let’s Encrypt/Certbot

certbotletsencryptsslssl-certificate

This question is a continuation of essentially the same question that was closed for being "off-topic" on Stack Overflow.
The OP's question:

I am just simply trying to add the domain test.example.com to the certificate that already exists for example.com. How do I add a domain to my existing certificate and replace the old certificate?

Best Answer

  • With certbot 0.34.0, the procedure is simple and easy (depending on your system, substitute certbot-auto or ~/certbot-auto for certbot):

    First, list your existing certificate and domains:

    sudo certbot certificates
    

    This will return your certificate name and the domains currently on the certificate, for example:

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Found the following certs: Certificate Name: foo.example.com
    Domains: foo.example.com bar.example.com
    Expiry Date: 2119-08-01 11:30:32+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/foo.example.com/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/foo.example.com/privkey.pem
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    Then add commas between the domains listed after the Domains: line above, add another comma, and the domain you want to add, for example, to add baz.example.com:

    sudo certbot --expand -d foo.example.com,bar.example.com,baz.example.com
    
  • Related Question