Hi Michael, but the way I see it is that we could just purchase a Wildcard SSL certificate instead of using ACME which seems a bit of a hassle. IMO, using automatic ACME certs in AstLinux is the least-hassle approach ... after the initial setup. The hassle with a 1-2 year Wildcard SSL cert (other than the cost) is it needs to be deployed and updated to all the boxes, even if only every 1-2 years. You would need to create some sort of CRON script to do that, and probably with authentication. If you go through the trouble of creating a Wildcard SSL cert deploy/update system, you just as well mint your own Let's Encrypt Wildcard Certs at a central location, at no cost every two months. You need to weigh the pros/cons for your situation, I use Cloudflare for my ACME DNS validation, and after many renewals for many boxes using non-wildcard certs, it just works. Lonnie On Apr 10, 2019, at 5:34 AM, Michael Knill <michael.kn...@ipcsolutions.com.au> wrote: |
_______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
