LetsEncrypt
Months ago, I started setting up LetsEncrypt using certbot on my Debian web server. It hosts multiple virtual hosts, so I setup 2 different sets of certificates: one for hjsoft.com/www.hjsoft.com and the other for johnflinchbaugh.com/www.johnflinchbaugh.com/blog.johnflinchbaugh.com.
On Debian,
at least when I got started,
it was recommernded to have certbot
shutdown your apache2
and let it start its own temporary web server
to verify the LetsEncrypt setup (--authenticator standalone).
The other trick is
to register multiple domain names
for one certificate by repeating the -d option.
I did this with this invocation:
certbot \
--pre-hook "systemctl stop apache2" \
--post-hook "systemctl start apache2" \
--authenticator standalone \
--installer apache \
-d johnflinchbaugh.com \
-d www.johnflinchbaugh.com \
-d blog.johnflinchbaugh.com
I got it started a couple months ago,
but I didn’t know how to setup multiple domain names,
so I was always getting errors
that this certificate was for a different name:
johnflinchbaugh.com instead of www.johnflinchbaugh.com, etc.
That’s all sorted out now, and all my sites should be SSL all the time.
For more information on setup, certbot has a great set of guides based on your OS and web server.