On 2017/09/14 15:04, William Leuschner wrote:
> When acme-client is asked to renew a certificate which uses the Subject
> Alternative Names feature, it fails with the error "domain not listed:
> example.com". The configuration file I'm using is below:
..
> domain headcount.se.rit.edu {
> alternative names { headcount.se.rit.edu peanut.se.rit.edu }
Renewals work for me. How does your current certificate look?
$ openssl x509 -in <certfile> -text -noout
One difference between your config and mine is that I don't repeat the
"main" domain in "alternative names". (It's not required, and maybe that
triggers a bug).
