During the “ghost setup” step, I set up the ssh certs for my domain by entering the domain as https://example.com. However, I noticed that this does not make a certificate for https://www.example.com even though it’s specified in my nginx config.
Thus, I thought maybe I would run “ghost setup” again and put in https://www.example.com as my domain instead and create a new ssl cert. This time, it made https://www.example.com the valid cert, but now going to https://example.com gives me a 502 Bad Gateway.
I attempted to use a standalone installation of Certbot for this as well; unfortunately certbot created an infinite loop that required a rollback and was not an optimal solution. I can not find a way to rollback the ssl cert creation in Ghost; being able to do this would likewise be helpful.
in \etc\nginx\sites-enabled.conf\ i currently have 5 nginx configs; default, example.com.conf, example.com-ssl.conf, www.example.com.conf, and www.example.com-ssl.conf. Should I delete www.example.com.conf and www.example.com-ssl.conf?
tldr i need to expand my existing certificate to add https://www.example.com without changing the domain the blog is running from
ghost setup will only setup (including nginx, ssl, etc) the domain you enter as config. Your idea to use ghost setup a second time was the right path, the exact steps & commands for this are documented here:
Thank you. That article solved my issue. I had no idea that the files were symlinked from /var/ghost/system/files, this definitely caused some confusion when I tried setting up letsencrypt outside of the ghost utility!