Updating domains breaks startup. #20

Open
@henti

I followed the instructions to test with a single domain (smokeping.my_personal_domain.com) and it worked fine. When I added pi-hole.my_personal_domain.com it broke with:

    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Missing command line flag or config entry for this setting:
    You have an existing certificate that contains a portion of the domains you requested (ref: /etc/letsencrypt/renewal/smokeping.my_personal_domain.com.conf)

    It contains these names: smokeping.my_personal_domain.com

    You requested these names for the new certificate: smokeping.my_personal_domain.com, pi-hole.my_personal_domain.com.

    Do you want to expand and replace this existing certificate with the new certificate?

    (You can set this with the --expand flag)
    Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

My command for one domain was:

    name="letsencrypt"
    email="hentgi@my_personal_domain.com"
    image="serversideup/certbot-dns-cloudflare:latest"
    domains="smokeping.my_personal_domain.com"
    token="blah"

    docker run \
     -d \
     --rm \
     --name $name \
     -e PUID=1000 \
     -e PGID=1000 \
     -e CERTBOT_DOMAINS="$domains" \
     -e CERTBOT_EMAIL="$email" \
     -e CLOUDFLARE_API_TOKEN="$token" \
     -v /home/henti/docker/letsencrypt:/etc/letsencrypt \
     -v /home/henti/docker/letsencrypt/log:/var/log/letsencrypt \
     $image

To add a second domain, I updated:

    domains="smokeping.my_personal_domain.com,pi-hole.my_personal_domain.com"

Even more strangely, when I remove all the letsencrypt data and run the same config I only get a certificate for the first domain.

    Let's Encrypt, shall we?
    -----------------------------------------------------------
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Requesting a certificate for smokeping.my_personal_domain.com and pi-hole.my_personal_domain.com
    Waiting 10 seconds for DNS changes to propagate

    Successfully received certificate.
    Certificate is saved at: /etc/letsencrypt/live/smokeping.my_personal_domain.com/fullchain.pem
    Key is saved at:         /etc/letsencrypt/live/smokeping.my_personal_domain.com/privkey.pem
    This certificate expires on 2025-08-08.
    These files will be updated when the certificate renews.
    NEXT STEPS:
    - The certificate will need to be renewed before it expires. Certbot can automatically renew the certificate in the background, but you may need to take steps to enable that functionality. See https://certbot.org/renewal-setup for instructions.

I monitored Cloudflare and both domains had ACME challenge DNS entries.
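
Certbot names a certificate's directory under `live/` after the first domain on the request unless a certificate name is given, so the path alone does not show which names a certificate covers. The script below is an added example, not part of the original issue or the project's code: it compares a `CERTBOT_DOMAINS`-style list with the subjectAltName text that `openssl x509` prints and reports whether the `--expand` case from the error above applies. The sample SAN text, the `example.test` names and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed samples in the shape printed by:
#   openssl x509 -in fullchain.pem -noout -ext subjectAltName
SAN_ONE='X509v3 Subject Alternative Name:
    DNS:smokeping.example.test'
SAN_TWO='X509v3 Subject Alternative Name:
    DNS:smokeping.example.test, DNS:pi-hole.example.test'

# DNS names from openssl's subjectAltName text: one per line, lowercased, sorted.
san_names() {
    printf '%s\n' "$1" | tr ',' '\n' |
        sed -n 's/^[[:space:]]*DNS:\(.*[^[:space:]]\)[[:space:]]*$/\1/p' |
        tr '[:upper:]' '[:lower:]' | sort -u
}

# Names from a CERTBOT_DOMAINS-style comma list, normalised the same way.
requested_names() {
    printf '%s\n' "$1" | tr ',' '\n' | tr -d '[:blank:]' |
        tr '[:upper:]' '[:lower:]' | sed '/^$/d' | sort -u
}

# classify REQUESTED SAN_TEXT prints one of:
#   covered  every requested name is already in the certificate
#   expand   only some are present (the case certbot's --expand prompt is about)
#   new      none are present
# Names are compared literally; wildcard entries are not expanded.
classify() {
    have=$(san_names "$2")
    total=0
    found=0
    while IFS= read -r name; do
        [ -n "$name" ] || continue
        total=$((total + 1))
        if printf '%s\n' "$have" | grep -Fxq -- "$name"; then
            found=$((found + 1))
        else
            echo "not in certificate: $name" >&2
        fi
    done <<EOF
$(requested_names "$1")
EOF
    if [ "$total" -gt 0 ] && [ "$found" -eq "$total" ]; then echo covered
    elif [ "$found" -gt 0 ]; then echo expand
    else echo new
    fi
}

classify 'smokeping.example.test,pi-hole.example.test' "$SAN_ONE"
```

Against a real certificate, pass the output of `openssl x509 -in <path to fullchain.pem> -noout -ext subjectAltName` as the second argument.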
