Re: py39-certbot-2.6.0,1
- Reply: Doug Hardie : "Re: py39-certbot-2.6.0,1"
- In reply to: Doug Hardie : "Re: py39-certbot-2.6.0,1"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 17 Nov 2023 18:45:01 UTC
On Thu, 16 Nov 2023 21:30:51 -0800 Doug Hardie <bc979@lafn.org> wrote: > Thanks to all who pointed me in the right direction. I still don't >know where certbot keeps its info, but running: > > sermons# certbot certonly --webroot --expand -d >sermon-archive.info,sasaweb.net,steveandconnielarson.com,www.sasa-web.net,www.sermonarchive.info,www.steveandconnielarson.com > > generated new certificates without any issues. So, I am assuming >that my presumption that the deleted domain was the issue. I must >not have run the above command before. Actually, that generated a new certificate, not certificates. It's somewhat odd, by general industry practice, to use the same certificate for all one's clients. Not only do you make your client list more visible than it really should be, but, as you've found, failures with one client risk rippling to other clients when something goes wrong. Current cert: CN = sermon-archive.info SAN = sasa-web.net sermon-archive.info steveandconnielarson.com www.sasa-web.net www.sermon-archive.info www.steveandconnielarson.com The more common method: Cert 1: CN = www.sermon-archive.info SAN = sermon-archive.info www.sermon-archive.info Cert 2: CN = www.steveandconnielarson.com SAN = steveandconnielarson.com www.steveandconnielarson.com Cert 3: CN = www.sasa-web.net SAN = sasa-web.net www.sasa-web.net --Jon Radel