diff --git a/roles/public_html/tasks/main.yml b/roles/public_html/tasks/main.yml
index 81db39fd1be6e6052c541b7ee42ef758f7a5bc88..621eae4851dbbb4a13cf8df90a7b070b758958c7 100644
--- a/roles/public_html/tasks/main.yml
+++ b/roles/public_html/tasks/main.yml
@@ -1,7 +1,7 @@
 ---
 
 - name: create ssl cert
-  command: certbot certonly --email webmaster@archlinux.org --agree-tos --rsa-key-size 4096 --renew-by-default --webroot -w {{ letsencrypt_validation_dir }} -d '{{ public_domain }}' creates='/etc/letsencrypt/live/{{ public_domain }}/fullchain.pem'
+  command: certbot certonly --email webmaster@archlinux.org --agree-tos --rsa-key-size 4096 --renew-by-default --webroot -w {{ letsencrypt_validation_dir }} -d '{{ public_domain }}' -d 'www.{{ public_domain }}' creates='/etc/letsencrypt/live/{{ public_domain }}/fullchain.pem'
 
 - name: copy webroot files
   copy: src=public_html dest=/srv owner=root group=root mode=0644 directory_mode=0755