Yannik / qnap-letsencrypt

Let's Encrypt on QNAP
318 stars 59 forks source link

Add subdomain to cert after the fact #88

Closed mannibis closed 4 years ago

mannibis commented 4 years ago

Hey. Just want to say thanks for this awesome script. I've been running it for more than a year and it works perfectly. I'm running into an issue, but I'm not sure if this is even the problem. Here goes: I use the LetsEncrypt cert for my main domain (domain.com) and I run Apache reverse proxy with subdomains for all of my NAS apps (SickChill, NZBGet, etc.) The cert works fine for all of this.

However, I just created a subdomain (qnap.domain.com) for reverse-proxying the QTS web interface (port 9443 SSL). However, If i use the same SSL cert (created originally for domain.com), I get an SSL handshake error. I am assuming that it is because I am pointing to qnap.domain.com instead. Do I need to re-create the LE cert to include qnap.domain.com also? How do I do this after the fact, or should this not be a problem? I use a wildcard for my DNS so it points to the right IP.

I tried re-running init.sh but it says acme folder already exists and it just regenerates RSA key. How would I go about this? Thank you!

mannibis commented 4 years ago

So I figured it out. I renamed letsencrypt/signed.crt to signed.crt.OLD and re-created the domain.csr with your multi-domain instructions and re-ran renew_certificate.sh

Worked like a charm! Thanks again