Redirections and SSL

#1

I’m migrating from an old domain and I found this super useful thread on redirections.

Lets say I was hosting on old[.]com and I’m moving to new[.]com. I’ve got the site up, and I understand the redirects, but I still need SSL certs for old[.]com. Since Ghost seems to manage LetsEncrypt/acme for the new url, how do I setup certs for the old domains? It would be great if the old name was a SAN on the same cert that gets minted for the new/main site.

Ideally I could schedule the automatic renewal, but I am ok with a manual renewal solution.

#2

When I run /etc/letsencrypt/acme.sh --home "/etc/letsencrypt" --list I see a single line come back with the new domain, and a column for “SAN_Domains”, so it looks like this should be possible. I can’t find any docs on how to configure that field.

#3

These instructions worked to get new certs, combined with the thread above I was able to get SSL with redirection working.

I’ve done a complete writeup here