short SSL question

If your UnrealIRCd is up and running but you have a question about it, then use this forum.
(NOT for installation or connecting issues! Use the other forum instead.)

Moderator: Supporters

Post Reply
CrazyCat
Posts: 145
Joined: Thu Apr 28, 2005 1:05 pm
Location: France
Contact:

short SSL question

Post by CrazyCat »

Hi there,

My network has 3 servers (a.network.com, b.network.com and c.network.com) and a dns RR (irc.network.com).

If I want to use a letsencrypt certificate, must I generate a certificate for each server or only the irc.network.com ?
And subsequent question: if I can do only one certificate, how can I do for the renewal, as letsencrypt will try an http challenge but I don't know on which server it will go ? Must I enable the irc.network.com on each webserver ?

I can manage the automatic replication of the newest certificate on others servers, this is not a problem :)
k4be
Posts: 43
Joined: Sun Jan 09, 2005 12:19 pm
Location: Poland

Re: short SSL question

Post by k4be »

I suggest using a wildcard certificate (*.example.com), it'll serve all your subdomains (except the top one, example.com, you probably need a separate certificate for it).
Use DNS challenge so you can run the letsencrypt client on your DNS master. To generate a standard one-domain cert (irc.example.com) you can use DNS challenge too.
CrazyCat
Posts: 145
Joined: Thu Apr 28, 2005 1:05 pm
Location: France
Contact:

Re: short SSL question

Post by CrazyCat »

Thanks for the answer.
I get the same on IRC and I now know that we can have wildcard certs with the DNS challenge, my trouble is now solved.

The certificates are generated on the "main" server (the server with the network website) and propagated once a week to others using scp, everything is ok now.
Post Reply