I currently have one host - host1.myDomain.com - this hosts several other domains (Virtual Servers) which all have SSL enabled and LetsEncrypt certs issues without any issues. The host runs Postfix and Dovecote among other things (MySQL, etc but no BIND).
The host (domain - myDomain.com) also has a cert - which Postfix uses.
I want to bring up another host - host2.myDomain.com and slowly move all the hosted domains across. I have a plan in mind. The question that springs to mind is:
will LetsEncrypt issue another cert for host2.myDomain.com & for myDomain.com, without revoking or affecting the existing one?
I will be adding another A record for host2 in the 3rd Party DNS panel for host2 & it’s IP address first.
Looking on host1 & myDomain.com in Virtualmin (Server Configuration >> SSL Certificates >>Let’s Encrypt) , there are 3 entries listed in “Domain names listed here” field,
I suppose if I only get a cert for host2.myDomain.com - that would allow me to get host2 up and running and accessible via URL. Adding the necessary A record at the external DNS.
set an additional PTR record to point myDomain.com to the new IP address (assuming you can have 2).
I actually have a new Virtual Server\Domain (mail enabled) to go live, so could test DKIM, etc with that and if all goes well - continue.
Move the non mail enabled domains first, content etc. regenerating their SSL certs.
Move the first exsiting (mail enabled) hosted Domain\Virtual Server onto it (changing it’s DNS - MX, SPF & A records etc at the external DNS Panel) and when mail is sent from that domain - it shouldn’t have issues as host2’s IP address resolves (assuming you can set 2 PTR records)
Once all Virtual Servers have been moved - make sure all A records for myDomain.com point only to the new IP\Host.
Many thanks for your reply. I was Googling about multiple PTR records whilst typing the previous post and it looks as if it’s fine to have 2 PTR records for the same domain but different IPs.
It’s discouraged to have multiple records for the same IP.