search

go-acme / lego

Let's Encrypt/ACME client and library written in Go
https://go-acme.github.io/lego/
MIT License
8.06k stars 1.03k forks source link

Allow expanding certificates #507

Open dchenk opened 6 years ago

dchenk commented 6 years ago

Certbot has an --expand option that lets you add domains to a certificate: https://certbot.eff.org/docs/using.html#re-creating-and-updating-existing-certificates

Is there any chance we could implement such a feature for lego? The advantage with simply expanding a certificate's list of domains is that you don't then get emails notifying you that your (old) certificate is about to expire when you're not using it anymore after creating a new cert with another list of domains. (Or am I wrong, does the old cert expire as usual?)

xenolf commented 6 years ago

Hello!

There is no such thing as expanding a certificate really. Once a certificate is issued it will remain the same forever. What the --expand option probably does is that it reads the domains from the certificate and generates a new one based on the domains it found plus any additional ones you provided.

I'm not opposed to adding such functionality to the CLI as I can see the benefit of it. Happy to accept a PR for it!