-
-
Notifications
You must be signed in to change notification settings - Fork 156
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Wildcard cert option #66
Comments
Hi pradeepvishwakarma, As of now this image does not support wildcard domains. |
I was wondering the same.. I'm just getting into the topic but if I'm running e.g. 'blog.example.com', 'api.example.com' and 'www.example.com' on the same server, the script would currently issue three distinct certificates for each sub-domain instead of one for all *.example.com domains? Not sure sure to what extend this is an issue in practice. |
The scripts will issue three separate certificates if you create three separate config files for each In the first case you will make more certificate requests towards Let's Encrypt, so if you have more than 50 separate domain names that you update multiple times per week you will run into rate limits. You may add up to 100 alt names to each certificate file, so if you combine files you can update up to 5000 domains per week, which I believe is quite a lot. If you use more than that a wild card certificate would be required, but I don't see that being a realistic usecase for this image. A wildcard certificate would be valid for all subdomains, which would mean that you would only need to handle one file (which is much easier if you aren't using these scripts which make automatic requests for you). A drawback of wildcards is that a Furthermore, it might be a tiny bit more secure to have a certificate issued to only those domain names that you actually have, instead of accepting any and all subdomains. |
That makes sense, thanks for elaborating @JonasAlfredsson ! |
Since I have not seen any more people asking for this feature I will close this issue with "wont do" for now. This might change in the future if enough demand is encountered :) |
Just to give an update to this: we now actually support wildcard domains as well. So if anyone runs into this issue in the future it is now fixed :) |
Can we create wildcard cert using the docker-image ?
Like wildcard domain -> *.example.com
The text was updated successfully, but these errors were encountered: