Thread: Expired Cert
11-17-2023, 03:44 PM   #10
Hack&Lube
Atomic Nerd
 
Join Date: Jul 2004
Location: Calgary

Quote:
Originally Posted by photon
Ok should be renewed.



Yeah there are different ways, basically involves running a command on a computer to request the renewal from Let's Encrypt, they do a verification, and then copy the new certs.

Easy enough script to write.

Problem is I thought I'd be clever and do a wildcard cert so I could easily set up whatever subdomain sites I'd want. However the wildcard cert verification involves setting DNS TXT entries. So I'd have to get the challenge string, update a couple of DNS TXT records via API, then do the verification.

The previous DNS provider didn't have an easy API to work with so I'd been doing it manually.

There's a new DNS provider that comes along with the ads but I haven't checked to see if they have API access.

What I'll probably just have to do is switch to certs for each individual domain rather than a wildcard because those can be verified by having a text file available on the domain URL. Or maybe check their docs to see if there's any new verification options available.

Could you have a single cert with a variety of subject alternative names of the subdomains you want (SANs) instead of the wildcard?
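The two verification routes discussed in this exchange, as an added example that is not part of either post: it derives what ACME (RFC 8555) expects to find for a wildcard name (DNS TXT) versus individual names on a SAN cert (a file on the domain URL). The helper names, the account key, the tokens and the example.com names are constructed assumptions.

```python
import base64
import hashlib
import json

def b64url(data: bytes) -> str:
    """Unpadded base64url, as ACME uses (RFC 8555)."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def jwk_thumbprint(jwk: dict) -> str:
    """RFC 7638 SHA-256 thumbprint of the ACME account public key."""
    members = {"EC": ("crv", "kty", "x", "y"), "RSA": ("e", "kty", "n")}[jwk["kty"]]
    canonical = json.dumps({m: jwk[m] for m in members},
                           sort_keys=True, separators=(",", ":"))
    return b64url(hashlib.sha256(canonical.encode()).digest())

def plan_challenge(name: str, token: str, thumbprint: str, prefer_http: bool = True) -> dict:
    """Describe what must be published to validate one name on the order."""
    key_auth = f"{token}.{thumbprint}"
    wildcard = name.startswith("*.")
    if wildcard or not prefer_http:
        # dns-01: the only option for a wildcard name. The record sits on the base domain.
        base = name[2:] if wildcard else name
        return {"name": name, "type": "dns-01",
                "record": f"_acme-challenge.{base}",
                "value": b64url(hashlib.sha256(key_auth.encode()).digest())}
    # http-01: a file served over port 80 on the name itself.
    return {"name": name, "type": "http-01",
            "url": f"http://{name}/.well-known/acme-challenge/{token}",
            "body": key_auth}

def txt_rrsets(plans: list) -> dict:
    """Group dns-01 values by record name; one name can need several TXT values."""
    rrsets = {}
    for p in plans:
        if p["type"] == "dns-01":
            rrsets.setdefault(p["record"], []).append(p["value"])
    return rrsets

# Constructed sample data: not a real key, not real tokens.
SAMPLE_JWK = {"kty": "EC", "crv": "P-256", "x": "constructed-x", "y": "constructed-y"}
SAMPLE_TOKENS = {"*.example.com": "constructed-token-1", "example.com": "constructed-token-2",
                 "www.example.com": "constructed-token-3"}

if __name__ == "__main__":
    tp = jwk_thumbprint(SAMPLE_JWK)
    wild = [plan_challenge(n, SAMPLE_TOKENS[n], tp, prefer_http=False)
            for n in ("*.example.com", "example.com")]
    print(txt_rrsets(wild))  # two TXT values under _acme-challenge.example.com
    san = [plan_challenge(n, SAMPLE_TOKENS[n], tp) for n in ("example.com", "www.example.com")]
    for p in san:
        print(p["url"])
```

A wildcard plus its base domain yields two TXT values at the same `_acme-challenge` name, so the DNS update has to publish both at once rather than overwrite one with the other.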