[BlueOnyx:21913] Re: 5209R YUM updates — Let's Encrypt wildcard certificates

[Meaulnes Legler @ MailList]

On 01.04.18 09:58, Michael Stauber wrote:
> Hi Meaulnes,
>> Lately, I got an e-mail from Let's Encrypt saying that they came out with the wildcard certificates. Do you think you could implement those?
> See [BlueOnyx:21846] where I mentioned it.

I apologize, I missed that one...

> In reality the wildcard certs aren't that useful on a BlueOnyx if you think about it. You can already have (almost) whatever alias you want included in the validity of the cert for a Vsite. As long as it points to that Vsite. And it costs nothing, so you can have as many as you like wherever you like.

sorry, I don't get it. What do you mean with an alias for the vsite? The LE certificate is valid for www.mydomain.tld, right? If I want additional certificates for, say, mail.mydomain.tld and ftp.mydomain.tld, how do I do this?

If I go to Site Management > www.mydomain.tld > SSL > [_^ 'Let's Encrypt!' _] I can [_Request or Renew Certificate _] but it isn't possible to add any subdomains...

Thank you and best regards

Meaulnes Legler
Zurich, Switzerland
+41 44 2601660


> The cert validity for the wildcards is only 90 days as well.
> So do you really want to set up a wildcard LE-cert on one Vsite and then
> export and re-import that cert manually to wherever it's needed? And
> repeat these manual steps every 60-90 days? It sort of defeats the
> purpose of having auto-renewals if you can't effectively use them for
> wildcard certs as well.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20180401/82a6d948/attachment.html>