[BlueOnyx:21912] Re: 5209R YUM updates — Let's Encrypt wildcard certificates

[Michael Stauber]

Hi Meaulnes,

> Thank you very much for fixing the Let's Encrypt renewals. It's an
> Easter gift, right?:-) or an Easter egg?

Bit of both. I noticed it being broken when one of my boxes had an
expired AdmServ certificate.

> Lately, I got an e-mail from Let's Encrypt saying that they came out
> with the wildcard certificates. Do you think you could implement those?

See [BlueOnyx:21846] where I mentioned it.

In reality the wildcard certs aren't that useful on a BlueOnyx if you
think about it. You can already have (almost) whatever alias you want
included in the validity of the cert for a Vsite. As long as it points
to that Vsite. And it costs nothing, so you can have as many as you like
wherever you like.

The cert validity for the wildcards is only 90 days as well.

So do you really want to set up a wildcard LE-cert on one Vsite and then
export and re-import that cert manually to wherever it's needed? And
repeat these manual steps every 60-90 days? It sort of defeats the
purpose of having auto-renewals if you can't effectively use them for
wildcard certs as well.

-- 
With best regards

Michael Stauber