You’re most likely reading this because you already have a Let’s Encrypt certificate issued using certbot for a domain.

If you want to create a new certificate, have a look at this guide instead.

In our case, we already had SSL certificates covering these domains:

  • https://example.ca
  • https://www.example.ca

I have a directory on my server called “staging” that I want to link with https://staging.example.ca

We add our new subdomain with the certbot command and the --expand flag.

Don’t forget to add our existing domains as well.

sudo certbot -d example.ca,www.example.ca,staging.example.ca --expand

We can then list all certbot domains and confirm that the subdomain has been added successfully.

sudo certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Found the following certs:
  Certificate Name: example.ca
    Domains: example.ca
    Expiry Date: 2022-07-11 02:01:35+00:00 (VALID: 62 days)
    Certificate Path: /etc/letsencrypt/live/example.ca/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/example.ca/privkey.pem
  Certificate Name: www.example.ca
    Domains: www.example.ca
    Expiry Date: 2022-07-16 02:46:28+00:00 (VALID: 68 days)
    Certificate Path: /etc/letsencrypt/live/www.example.ca/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/www.example.ca/privkey.pem
  Certificate Name: staging.example.ca
    Domains: staging.example.ca
    Expiry Date: 2022-07-20 19:19:31+00:00 (VALID: 90 days)
    Certificate Path: /etc/letsencrypt/live/staging.example.ca/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/staging.example.ca/privkey.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Check out the full guide on setting up a subdomain using the same Apache web server or the one for NGINX as well.

Leave a Reply