{"id":2647,"date":"2017-10-16T14:29:42","date_gmt":"2017-10-16T21:29:42","guid":{"rendered":"http:\/\/www.wellgolly.com\/?p=2647"},"modified":"2018-03-06T10:56:44","modified_gmt":"2018-03-06T18:56:44","slug":"adding-a-subdomain-with-certbot","status":"publish","type":"post","link":"https:\/\/www.wellgolly.com\/?p=2647","title":{"rendered":"Adding a subdomain with Certbot"},"content":{"rendered":"<p>It\u2019s relatively straightforward to have multiple domains and sub-domains use the same Certbot certificate when they all point to the same document root. Adding a sub-domain that points somewhere else is not as easy.<\/p>\n<p>I wanted to add a beta sub-domain for testing a site rewrite. I could get the certificate to generate, but I couldn\u2019t figure out how to modify the Apache config files for the beta. This is how I did it.<\/p>\n<p>To figure out what should be done, I ran this code to expand the existing certificate.<br \/>\n<pre><code class=\"preserve-code-formatting\">\nsudo \/opt\/certbot\/certbot-auto --installer apache --webroot -w \/www\/example -d example.com,www.example.com&nbsp;&nbsp;--webroot -w \/www\/example_beta -d beta.example.com\n<\/code><\/pre><\/p>\n<p>To verify that it did what I wanted, I ran:<\/p>\n<p><pre><code class=\"preserve-code-formatting\">\n\/opt\/certbot\/certbot-auto certificates<\/code><\/pre><\/p>\n<p>and got this:<br \/>\n<pre><code class=\"preserve-code-formatting\">\nCertificate Name: example.com\n&nbsp;&nbsp;&nbsp;&nbsp;Domains: example.com beta.example.com www.example.com\n&nbsp;&nbsp;&nbsp;&nbsp;Expiry Date: 2018-01-14 19:35:43+00:00 (VALID: 89 days)\n&nbsp;&nbsp;&nbsp;&nbsp;Certificate Path: \/etc\/letsencrypt\/live\/www.example.com\/fullchain.pem\n&nbsp;&nbsp;&nbsp;&nbsp;Private Key Path: \/etc\/letsencrypt\/live\/www.example.com\/privkey.pem<\/code><\/pre><\/p>\n<p>I was originally looking at the example.com file in the sites-available directory, but what I should have been looking at was in the Certbot generated files that end in -le-ssl.conf. <\/p>\n<p><pre><code class=\"preserve-code-formatting\">\n&lt;IfModule mod_ssl.c&gt;\n&lt;VirtualHost *:443&gt;\n&nbsp;&nbsp;&nbsp;&nbsp;ServerName example.com\n&nbsp;&nbsp;&nbsp;&nbsp;ServerAlias www.example.com\n&nbsp;&nbsp;&nbsp;&nbsp;ServerAdmin root@example.com\n\n&nbsp;&nbsp;&nbsp;&nbsp;DocumentRoot \/www\/example\n\n&nbsp;&nbsp;&nbsp;&nbsp;CustomLog \/var\/log\/apache2\/example.com.access_log combined\n&nbsp;&nbsp;&nbsp;&nbsp;ErrorLog \/var\/log\/apache2\/example.com.error_log\n\n&nbsp;&nbsp;&nbsp;&nbsp;ErrorDocument 404 \/missing.php\nInclude \/etc\/letsencrypt\/options-ssl-apache.conf\nSSLCertificateFile \/etc\/letsencrypt\/live\/www.example.com\/cert.pem\nSSLCertificateKeyFile \/etc\/letsencrypt\/live\/www.example.com\/privkey.pem\nSSLCertificateChainFile \/etc\/letsencrypt\/live\/www.example.com\/chain.pem\n&lt;\/VirtualHost&gt;\n\n&lt;\/IfModule&gt;\n&lt;IfModule mod_ssl.c&gt;\n&lt;VirtualHost *:443&gt;\n&nbsp;&nbsp;&nbsp;&nbsp;ServerName beta.example.com\n&nbsp;&nbsp;&nbsp;&nbsp;ServerAdmin root@touringmachine.com\n\n&nbsp;&nbsp;&nbsp;&nbsp;DocumentRoot \/www\/example_beta\n\n&nbsp;&nbsp;&nbsp;&nbsp;CustomLog \/var\/log\/apache2\/example.com.access_log combined\n&nbsp;&nbsp;&nbsp;&nbsp;ErrorLog \/var\/log\/apache2\/example.com.error_log\n\n&nbsp;&nbsp;&nbsp;&nbsp;ErrorDocument 404 \/missing.php\nInclude \/etc\/letsencrypt\/options-ssl-apache.conf\nSSLCertificateFile \/etc\/letsencrypt\/live\/www.example.com\/cert.pem\nSSLCertificateKeyFile \/etc\/letsencrypt\/live\/www.example.com\/privkey.pem\nSSLCertificateChainFile \/etc\/letsencrypt\/live\/www.example.com\/chain.pem\n&lt;\/VirtualHost&gt;\n&lt;\/IfModule&gt;\n<\/code><\/pre><\/p>\n<p>You need to run this code after changing the config files.<br \/>\n<pre><code class=\"preserve-code-formatting\">\nsudo service apache2 restart<\/code><\/pre><\/p>\n<p>Don\u2019t forget to change your DNS record to add the sub-domain.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>It\u2019s relatively straightforward to have multiple domains and sub-domains use the same Certbot certificate when they all point to the same document root. Adding a sub-domain that points somewhere else is not as easy. I wanted to add a beta sub-domain for testing a site rewrite. I could get the certificate to generate, but I &hellip; <a href=\"https:\/\/www.wellgolly.com\/?p=2647\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Adding a subdomain with Certbot<\/span><\/a><\/p>\n","protected":false},"author":6,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-2647","post","type-post","status-publish","format-standard","hentry","category-programming"],"_links":{"self":[{"href":"https:\/\/www.wellgolly.com\/index.php?rest_route=\/wp\/v2\/posts\/2647","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.wellgolly.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.wellgolly.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.wellgolly.com\/index.php?rest_route=\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.wellgolly.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2647"}],"version-history":[{"count":0,"href":"https:\/\/www.wellgolly.com\/index.php?rest_route=\/wp\/v2\/posts\/2647\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.wellgolly.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2647"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.wellgolly.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2647"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.wellgolly.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2647"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}