This repository was archived by the owner on Apr 24, 2020. It is now read-only.

Retrieval of Wildcard Certificates on Multiple Servers #333

Closed
shellster opened this issue Jul 7, 2017 · 2 comments

Comments

@shellster

With the announcement of LetsEncrypt supporting wildcard certificates in ACMEv2, this change will lead to a new set of problems. Primarily, once a wildcard certificate is requested, that certificate may need to be distributed to multiple servers, as not all subdomains are likely to run on the same server. To a lesser extent, this problem already exists for load-balancers. To prevent hacky, insecure schemes that are likely to crop up with users trying to automate certificate sharing between their servers, I believe that it would be prudent for the ACMEv2 protocol to provide a mechanism for grabbing the previously issued cert on multiple machines. Here is my suggestion for accomplishing this:

  1. Allow the primary server (the one which DNS points to for the primary domain) to submit a properly lengthy "password" (this could also be a privately generated SSL cert) with requests for a wildcard certificate. This feature would be optional and not required.
  2. The other, subdomain servers, would then request the same wildcard certificate, with the same email address, and pass the same password or cert. In this scenario, the protocol will not perform the usual domain validation, or will perform a weaker variant (validate that the server is at least a subdomain of the wildcard cert that is requested).
  3. Providing that the password/cert and the email address match what is on file, return the currently-valid wildcard certificate.

This feature will allow subdomain servers to grab the correct SSL cert without needing to resort to one-off certificate sharing solutions that are likely to result in insecure server configurations that might allow an attacker that compromised one host to move to other hosts.

@jsha
Collaborator

jsha commented Jul 7, 2017

I think this problem is better solved by the usual configuration management solutions, i.e., pushing out private keys and certificates to hosts via SSH. However, if you'd like to discuss further, please post to the mailing list.
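The approach jsha points to above, as an added example that is not part of this thread or of any ACME project's code: a shell script that pushes an already issued wildcard certificate and its private key from the host that ran the ACME client to the hosts serving the other subdomains over SSH, refuses to ship a certificate and key that do not belong together, installs the key with a restrictive umask so it is never readable by other users, and confirms the remote copy by comparing SHA-256 fingerprints. Everything about the environment is assumed for the example: key-based SSH to each target with the host key already known, a remote directory of `/etc/ssl/private/wildcard` that the remote user may write, and `openssl` and `tar` present on both ends.

```shell
#!/usr/bin/env bash
# Added example, not code from this issue or from any ACME client or server.
# Pushes an issued wildcard certificate and its private key to the other
# hosts that serve subdomains, over SSH, and verifies what landed on each.
#
# Assumptions (all hypothetical, chosen for this example):
#   - the local user can SSH to each target with key auth (no prompts);
#   - the remote user is allowed to write REMOTE_DIR;
#   - openssl and tar exist on both ends.
set -eu

REMOTE_DIR=${REMOTE_DIR:-/etc/ssl/private/wildcard}   # assumed install path

# SHA-256 fingerprint of a PEM certificate, used to confirm the remote copy.
cert_fingerprint() {
  openssl x509 -in "$1" -noout -fingerprint -sha256
}

# Succeeds only if the certificate's public key equals the private key's
# public half. A mismatched pair would leave the target failing every TLS
# handshake, so this is checked before anything leaves the primary host.
verify_pair() {
  local cert=$1 key=$2 cert_pub key_pub
  cert_pub=$(openssl x509 -in "$cert" -noout -pubkey) || return 1
  key_pub=$(openssl pkey -in "$key" -pubout) || return 1
  [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Copies cert + key to one host in a single SSH session. The remote side sets
# umask 077 first, so the key file is never group/world-readable, not even
# between the tar extract and the explicit chmod. StrictHostKeyChecking=yes
# refuses to hand the key to a host whose key is not already in known_hosts.
push_to_host() {
  local host=$1 cert=$2 key=$3 expected actual cert_name
  cert_name=$(basename "$cert")
  expected=$(cert_fingerprint "$cert")
  actual=$(tar -cf - -C "$(dirname "$cert")" "$cert_name" \
                  -C "$(dirname "$key")"  "$(basename "$key")" \
    | ssh -o BatchMode=yes -o StrictHostKeyChecking=yes "$host" \
        "umask 077 && mkdir -p '$REMOTE_DIR' && tar -xf - -C '$REMOTE_DIR' \
         && chmod 600 '$REMOTE_DIR'/* \
         && openssl x509 -in '$REMOTE_DIR/$cert_name' -noout -fingerprint -sha256")
  if [ "$actual" != "$expected" ]; then
    echo "$host: fingerprint mismatch, got '$actual'" >&2
    return 1
  fi
  echo "$host: installed $expected"
}

# Usage: distribute_wildcard_cert fullchain.pem privkey.pem host1 [host2 ...]
# Returns non-zero if the pair does not match or any host failed.
distribute_wildcard_cert() {
  local cert=$1 key=$2 host failed=0
  shift 2
  verify_pair "$cert" "$key" || { echo "certificate and key do not match" >&2; return 2; }
  for host in "$@"; do
    push_to_host "$host" "$cert" "$key" || failed=1
  done
  return $failed
}

# Run only when invoked with arguments, so the functions can also be sourced.
if [ "$#" -gt 0 ]; then
  distribute_wildcard_cert "$@"
fi
```

Run it from the host that holds the ACME account after each renewal, for example `./distribute.sh /etc/letsencrypt/live/example.com/fullchain.pem /etc/letsencrypt/live/example.com/privkey.pem web2.example.com mail.example.com` (paths assumed). Reloading the web server on each target is left out deliberately; wire it into your configuration management rather than granting the pushing account broad sudo rights.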

@bifurcation
Contributor

I agree with @jsha that private key sharing is not a problem that ACME should solve. I really do not want to encourage people to upload private keys to ACME servers; even if they're supposed to be encrypted, someone will inevitably forget. (For sharing the certificate, you can already share the cert URL, cf draft-ietf-acme-star)

Even if there is some desire to support this functionality, it can be done in an extension. So I'm going to mark this WONTFIX for the base spec.
