It’s relatively straightforward to have multiple domains and sub-domains use the same Certbot certificate when they all point to the same document root. Adding a sub-domain that points somewhere else is not as easy.
I wanted to add a beta sub-domain for testing a site rewrite. I could get the certificate to generate, but I couldn’t figure out how to modify the Apache config files for the beta. This is how I did it.
To figure out what should be done, I ran this code to expand the existing certificate.
sudo /opt/certbot/certbot-auto --installer apache --webroot -w /www/example -d example.com,www.example.com --webroot -w /www/example_beta -d beta.example.com
To verify that it did what I wanted, I ran:
/opt/certbot/certbot-auto certificates
and got this:
Certificate Name: example.com
    Domains: example.com beta.example.com www.example.com
    Expiry Date: 2018-01-14 19:35:43+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/www.example.com/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/www.example.com/privkey.pem
I was originally looking at the example.com file in the sites-available directory, but what I should have been looking at was the Certbot-generated files that end in -le-ssl.conf.
<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName example.com
    ServerAlias www.example.com
    ServerAdmin root@example.com
    DocumentRoot /www/example
    CustomLog /var/log/apache2/example.com.access_log combined
    ErrorLog /var/log/apache2/example.com.error_log
    ErrorDocument 404 /missing.php
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/www.example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.example.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/www.example.com/chain.pem
</VirtualHost>
</IfModule>
<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName beta.example.com
    ServerAdmin root@touringmachine.com
    DocumentRoot /www/example_beta
    CustomLog /var/log/apache2/example.com.access_log combined
    ErrorLog /var/log/apache2/example.com.error_log
    ErrorDocument 404 /missing.php
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/www.example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.example.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/www.example.com/chain.pem
</VirtualHost>
</IfModule>
You need to restart Apache after changing the config files:
sudo service apache2 restart
Don’t forget to change your DNS record to add the sub-domain.
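Before restarting, it is worth confirming that every name served by the -le-ssl.conf virtual hosts is actually on the certificate, since a missing name only shows up later as a browser hostname-mismatch error. The script below is an added example, not part of the original post: it compares the ServerName and ServerAlias values with the Domains line from the certificates output. The function names are hypothetical, the sample inputs are trimmed copies of the output and config shown above, and it assumes exact-name matching only (no wildcard certificates).

```python
import re

# Constructed sample inputs, trimmed from the output and config shown above.
CERTBOT_OUTPUT = """\
Certificate Name: example.com
    Domains: example.com beta.example.com www.example.com
"""

VHOST_CONF = """\
<VirtualHost *:443>
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot /www/example
</VirtualHost>
<VirtualHost *:443>
    ServerName beta.example.com
    DocumentRoot /www/example_beta
</VirtualHost>
"""

def cert_domains(certbot_output):
    """Return the names on the 'Domains:' lines of the certificates listing."""
    names = set()
    for line in certbot_output.splitlines():
        key, _, value = line.strip().partition(":")
        if key == "Domains":
            names.update(value.split())
    return names

def vhost_names(conf):
    """Return one (names, docroot) pair per <VirtualHost> block."""
    hosts = []
    for block in re.findall(r"<VirtualHost[^>]*>(.*?)</VirtualHost>", conf, re.S | re.I):
        names, docroot = [], None
        for line in block.splitlines():
            parts = line.split()
            if not parts or parts[0].startswith("#"):
                continue  # skip blank lines and comments
            if parts[0].lower() in ("servername", "serveralias"):
                names.extend(parts[1:])
            elif parts[0].lower() == "documentroot":
                docroot = parts[1]
        hosts.append((names, docroot))
    return hosts

def uncovered(conf, certbot_output):
    """Names served by a vhost that the certificate does not list."""
    covered = cert_domains(certbot_output)
    return [n for names, _ in vhost_names(conf) for n in names if n not in covered]
```

An empty list from uncovered() means each vhost name is on the certificate; any name it returns needs to be added with another -d before that vhost will validate.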