docker - 多个域的 certbot webroot 仅返回一个证书

问题描述

我正在尝试使用certbot certonly --webroot为多个域创建证书，但只获得了一个证书，我完成了本教程：link which works great for one domain。

所以我尝试对两个域（sub.domain.com domain.com）nginx conf做同样的事情：

server {
        listen 80;
        listen [::]:80;

        server_name domain.com www.domain.com;

        location / {
                proxy_pass http://api:80;
        }

        location ~ /.well-known/acme-challenge {
                allow all;
                root /var/www/html;
        }
}

server {
            listen 80;
            listen [::]:80;

            server_name sub.domain.com www.sub.domain.com;

            location / {
                    proxy_pass http://api:80;
            }

            location ~ /.well-known/acme-challenge {
                    allow all;
                    root /var/www/html;
            }
    }

然后我在 certbot 容器中使用了这个命令：

command: certonly --force-renewal --webroot --webroot-path=/var/www/html -d domain.com -d sub.domain.com --email some.email@gmail.com --agree-tos --no-eff-email --staging

它有效，但我只有一个证书（sub.domain.com）。

certbot    | Saving debug log to /var/log/letsencrypt/letsencrypt.log
certbot    | Plugins selected: Authenticator webroot, Installer None
certbot    | Renewing an existing certificate
certbot    | IMPORTANT NOTES:
certbot    |  - Congratulations! Your certificate and chain have been saved at:
certbot    |    /etc/letsencrypt/live/sub.domain.com/fullchain.pem
certbot    |    Your key file has been saved at:
certbot    |    /etc/letsencrypt/live/sub.domain.com/privkey.pem
certbot    |    Your cert will expire on 2020-06-09. To obtain a new or tweaked
certbot    |    version of this certificate in the future, simply run certbot
certbot    |    again. To non-interactively renew *all* of your certificates, run
certbot    |    "certbot renew"
certbot exited with code 0

标签： dockersslcertbot