Let's Encrypt and www

portofacil

How do I ensure the LE certs are issued for domain.com and www.domain.com at once?

Thanks.

VirtuBox

I'm planning to add more informations in logs displayed during SSL certificates, but at the moment, you can check the list of certificates with the command acme.sh --list. It will displayed certificates domain + alternative name.

To explain a little bit how WordOps proceed :

it split domain in parts after each .
it check if the first part is www
it check if without the first section, the other sections match with one of the TLD available in the public suffix list :
If the domain is wordops.net, removing the first section mean keeping only .net and it will match with the public suffix list. So it's a domain + www
if the first test do not match any suffix, then it try to remove two section :
if the domain is community.wordops.net, removing the two first sections mean keeping only .net and it will match with the public suffix list. So it's a subdomain

portofacil

Okay, but I don't understand how to ensure the certificates are issued for both domain and www.domain.

So far, it seems to me that the criteria are random, since I can't understand how to take control of them.

Your logic does not seem to work when the domains are, for example, .com.br:

domain.com.br would be split into:

domain
com
br

It would then mean domain.com.br is a subdomain of com.br, but it is a root domain. And these root domains are not getting the alternate www certificates as needed.

The print below will explain better than my words.