You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Here's some system info:
uname -ra
Linux ubuntu 3.13.0-86-generic #130-Ubuntu SMP Mon Apr 18 18:27:15 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
/usr/local/bin/lego/lego --version
lego version v0.3.1-0-g96a2477
The problem is that when requesting for certificates for multiple domains(subdomains), only the first one in the list gets granted a certificate. I've tried with both production letsencrypt server and staging one.
root@ubuntu:/home# sudo /usr/local/bin/lego/lego --accept-tos --exclude="tls-sni-01" --email="example@gmail.com" --domains="staging.example.com" --domains="dev.example.com" --domains="example.com" --domains="www.example.com" --server=https://acme-staging.api.letsencrypt.org/directory run
2016/06/11 11:05:27 No key found for account example@gmail.com. Generating a curve P384 EC key.
2016/06/11 11:05:27 Saved key to /home/.lego/accounts/acme-staging.api.letsencrypt.org/example@gmail.com/keys/example@gmail.com.key
2016/06/11 11:05:27 [INFO] acme: Registering account for example@gmail.com
2016/06/11 11:05:28 !!!! HEADS UP !!!!
2016/06/11 11:05:28
Your account credentials have been saved in your Let's Encrypt
configuration directory at "/home/.lego/accounts/acme-staging.api.letsencrypt.org/example@gmail.com".
You should make a secure backup of this folder now. This
configuration directory will also contain certificates and
private keys obtained from Let's Encrypt so making regular
backups of this folder is ideal.
2016/06/11 11:05:28 [INFO][staging.example.com, dev.example.com, example.com, www.example.com] acme: Obtaining bundled SAN certificate
2016/06/11 11:05:28 [INFO][staging.example.com] acme: Trying to solve HTTP-01
2016/06/11 11:05:29 [INFO][staging.example.com] Served key authentication
2016/06/11 11:05:30 [INFO][staging.example.com] The server validated our request
2016/06/11 11:05:30 [INFO][dev.example.com] acme: Could not find solver for: tls-sni-01
2016/06/11 11:05:30 [INFO][dev.example.com] acme: Trying to solve HTTP-01
2016/06/11 11:05:30 [INFO][dev.example.com] Served key authentication
2016/06/11 11:05:31 [INFO][dev.example.com] The server validated our request
2016/06/11 11:05:31 [INFO][example.com] acme: Trying to solve HTTP-01
2016/06/11 11:05:31 [INFO][example.com] Served key authentication
2016/06/11 11:05:32 [INFO][example.com] The server validated our request
2016/06/11 11:05:32 [INFO][www.example.com] acme: Trying to solve HTTP-01
2016/06/11 11:05:32 [INFO][www.example.com] Served key authentication
2016/06/11 11:05:33 [INFO][www.example.com] The server validated our request
2016/06/11 11:05:33 [INFO][staging.example.com, dev.example.com, example.com, www.example.com] acme: Validations succeeded; requesting certificates
2016/06/11 11:05:34 [INFO] acme: Requesting issuer cert from https://acme-staging.api.letsencrypt.org/acme/issuer-cert
2016/06/11 11:05:34 [INFO][staging.example.com] Server responded with a certificate.
please note that i've replaced my domain names with example.com here, I didn't actually try to obtain certs for example.com
The text was updated successfully, but these errors were encountered:
When supplying multiple domains to the --domains switch, lego creates a SAN (Subject Alternate Names) certificate which results in only one certificate but this certificate is valid for all domains you entered. The first domain in your list is added as the "CommonName" of the certificate and all other domains are added as "DNSNames" to the SAN extension inside of your certificate.
Here's some system info:
uname -ra
Linux ubuntu 3.13.0-86-generic #130-Ubuntu SMP Mon Apr 18 18:27:15 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
/usr/local/bin/lego/lego --version
lego version v0.3.1-0-g96a2477
The problem is that when requesting for certificates for multiple domains(subdomains), only the first one in the list gets granted a certificate. I've tried with both production letsencrypt server and staging one.
root@ubuntu:/home# sudo /usr/local/bin/lego/lego --accept-tos --exclude="tls-sni-01" --email="example@gmail.com" --domains="staging.example.com" --domains="dev.example.com" --domains="example.com" --domains="www.example.com" --server=https://acme-staging.api.letsencrypt.org/directory run
2016/06/11 11:05:27 No key found for account example@gmail.com. Generating a curve P384 EC key.
2016/06/11 11:05:27 Saved key to /home/.lego/accounts/acme-staging.api.letsencrypt.org/example@gmail.com/keys/example@gmail.com.key
2016/06/11 11:05:27 [INFO] acme: Registering account for example@gmail.com
2016/06/11 11:05:28 !!!! HEADS UP !!!!
2016/06/11 11:05:28
Your account credentials have been saved in your Let's Encrypt
configuration directory at "/home/.lego/accounts/acme-staging.api.letsencrypt.org/example@gmail.com".
You should make a secure backup of this folder now. This
configuration directory will also contain certificates and
private keys obtained from Let's Encrypt so making regular
backups of this folder is ideal.
2016/06/11 11:05:28 [INFO][staging.example.com, dev.example.com, example.com, www.example.com] acme: Obtaining bundled SAN certificate
2016/06/11 11:05:28 [INFO][staging.example.com] acme: Trying to solve HTTP-01
2016/06/11 11:05:29 [INFO][staging.example.com] Served key authentication
2016/06/11 11:05:30 [INFO][staging.example.com] The server validated our request
2016/06/11 11:05:30 [INFO][dev.example.com] acme: Could not find solver for: tls-sni-01
2016/06/11 11:05:30 [INFO][dev.example.com] acme: Trying to solve HTTP-01
2016/06/11 11:05:30 [INFO][dev.example.com] Served key authentication
2016/06/11 11:05:31 [INFO][dev.example.com] The server validated our request
2016/06/11 11:05:31 [INFO][example.com] acme: Trying to solve HTTP-01
2016/06/11 11:05:31 [INFO][example.com] Served key authentication
2016/06/11 11:05:32 [INFO][example.com] The server validated our request
2016/06/11 11:05:32 [INFO][www.example.com] acme: Trying to solve HTTP-01
2016/06/11 11:05:32 [INFO][www.example.com] Served key authentication
2016/06/11 11:05:33 [INFO][www.example.com] The server validated our request
2016/06/11 11:05:33 [INFO][staging.example.com, dev.example.com, example.com, www.example.com] acme: Validations succeeded; requesting certificates
2016/06/11 11:05:34 [INFO] acme: Requesting issuer cert from https://acme-staging.api.letsencrypt.org/acme/issuer-cert
2016/06/11 11:05:34 [INFO][staging.example.com] Server responded with a certificate.
please note that i've replaced my domain names with example.com here, I didn't actually try to obtain certs for example.com
The text was updated successfully, but these errors were encountered: