问题
I have generated SSL certificate like so:
sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
./letsencrypt-auto certonly --standalone
Then I was asked for email ... and a domain name. I entered 'mydomain.com'
I figured out that I could enter multiple domains to be included in one certificate using different approach. E.g.:
sudo -H ./letsencrypt-auto certonly --standalone -d example.com -d www.example.com
I wonder if I could have entered multiple domains when I was promoted for them in a dialog or now I need to regenerate using a different approach?
Do I need to remove previous letsencrypt installation before going new way?
UPDATE -> SOLVED
sudo ./certbot-auto certonly --standalone -d mydomain.com -d www.mydomain.com
回答1:
You do not need to remove the installed certificate.
You can extend it to your sub-domain if you're using the same domain. Do the following:
sudo certbot certonly --standalone -d domain.com -d www.domain.com
When prompted for Expanding or Cancelling, reply with E then hit Enter key on your keyboard.
The certificate should be setup successfully.
If you encounter this error: Problem binding to port 80: Could not bind to IPv4 or IPv6, stop apache by running systemctl stop apache2 then run the above certbot command again.
Once the ssl certificate is successfuly setup, run systemctl restart apache2 to get apache up and running again.
来源:https://stackoverflow.com/questions/41097696/letsencrypt-certificate-for-www-and-non-www-domain