Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 28 Jul 2018 20:16:56 +0700
From:      Olivier Nicole <olivier2553@gmail.com>
To:        David Mehler <dave.mehler@gmail.com>
Cc:        freebsd-questions <freebsd-questions@freebsd.org>
Subject:   Re: acme.sh and certificate deployment
Message-ID:  <CA+g+BvhgOJ7CUdrg5JpUS8Vevo-uN-j=7gTuk=Md1UoFY+hdCw@mail.gmail.com>
In-Reply-To: <CAPORhP7bq_NiL7kt0iqVBfenfX9P_YWXbbY75L5bg7yWjEDrLw@mail.gmail.com>
References:  <CAPORhP7bq_NiL7kt0iqVBfenfX9P_YWXbbY75L5bg7yWjEDrLw@mail.gmail.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
> I like the fact that acme.sh can do a wildcard certificate as I only
> need one for the tld and not x for all subdomains. I do like that fact
> that it also can handle ECC curves.

If I remember well what I read about wildcard certificates, and unless
it has changed, only DNS authentication is supported. So unless you
wrote your full script deployment, you have to do it by hand because
the challenge to put in DNS is changing each time you want to renew.

But it is very straight forward to use LE certificates for Apache,
Postfix and I have not tried Dovecot :0

Best luck,

Olivier



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?CA+g+BvhgOJ7CUdrg5JpUS8Vevo-uN-j=7gTuk=Md1UoFY+hdCw>