Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
Question: Same cert across multiple servers? #159
Say I need a certificate for
This is a little off-topic for acme-dns but I'm actually working on this problem just now for https://github.com/webprofusion/certify - renew once and deploy to many targets (including remote/sftp/ssh). Yes, it raises a lot of interesting questions!
The benefit of centralised renewal is that it's simpler to track if you have/have not renewed the cert itself and you can perform the renewal work on behalf of servers/devices that can't/shouldn't renew for themselves. It's a natural problem related to wildcards, once you have one it may need to be applied to a large number of things, and you may not actually control all of those things.