Simply a request.
When I use other tools for applying https certs like acme.sh, I can just issue multiple domains in one cert like
acme.sh --issue -d example.com -d www.example.com ......
I don’t know how to do this using caddy. By default, caddy would apply two certs for root and www domains. I think it would be very nice if I can apply one cert for both root and www domains. Maybe it can be done like this: in Caddyfile I can write two host in a line to achieve it, for examplle
example.com www.example.com {
tls ......
}
matt
(Matt Holt)
April 12, 2021, 12:54am
2
If you want to manage certificates yourself, then use a tool like Certbot or acme.sh. Otherwise, just let Caddy do it for you.
What do you need this for? It is usually discouraged in automation:
---
description: Considerations for Long-Running TLS Certificate Management Software
---
# Best Practices for ACME Client Operations
## **CONTRIBUTORS**
* Matthew Holt — Caddy Web Server
* Jacob Hoffman-Andrews — Let's Encrypt
* Erica Portnoy — Electronic Frontier Foundation
* Daniel McCarney — Let's Encrypt
* Ryan Hurst — Google
## Introduction
The ACME \(Automated Certificate Management Environment\) protocol, or [RFC 8555](https://datatracker.ietf.org/doc/rfc8555/), is an IETF standard. It facilitates the automatic issuance and revocation of TLS certificates. Its unsupervised nature reduces errors, increases service uptime and availability, improves security, and lowers costs.
TLS connection errors will occur if required peer certificates are missing or invalid, so the availability of websites and services will increasingly rely upon successful ACME operations. This issue becomes more important as certificates become shorter-lived and deployed at a larger scale.
This file has been truncated. show original
1 Like
I thought it would be easy to manage certificates.
I got the point. I saw there were some discussion about SAN certificates. Indeed there is no need to develop such a function.
1 Like
system
(system)
Closed
May 12, 2021, 12:27am
4
This topic was automatically closed after 30 days. New replies are no longer allowed.