Feature FAQ

Michal Altair Valášek edited this page Feb 20, 2018 · 2 revisions

This feature-related FAQ. For general FAQ for this project see www.autoacme.net.

Will AutoACME support SAN/UCC certificates (multiple hostnames per certificate)?

Historically, my stance was not to support SAN certificates. (explanation). However, the recently entacted restriction of 20 certificates per domain changed my position. It still does not make sense from IIS+CCS perspective, but it DOES make sense by allowing to get certificates for 2000 hosts instead of 20 hosts.

So I'll think about how I can implement this into AutoACME. Don't get your hopes too high, though. I maintain this project in my spare time, mainly to solve my personal requirements and this isn't one of them, so it does not have high priority. Of course, you are more than welcome to join the development efforts.

Will AutoACME support wildcard certificates (*.example.com)?

First of all, as of time writing, Let's Encrypt does not issue wildcard certificates in production. It's supposed to start in a few days, though. And I would love to implement this feature. But I can't do it in foreseeable future.

According to the announcement, it would require DNS authorization, which is waaaaay out of scope for AutoACME. In fact, AutoACME was built explicitly for avoiding the need for DNS authorization.

Let's Encrypt "may explore additional validation options over time". If they'll do some form of HTTP-based authorization, I'll try to implement that, if possible.

You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.