acmetool icon indicating copy to clipboard operation
acmetool copied to clipboard

Published 20 hours ago verified publisher icon hlandau

Consider a target hostname suffix tag feature

Open hlandau opened this issue 8 years ago • 0 comments

In some cases, it might be desirable to have multiple certificates in active use for the same hostname. For example, an RSA certificate and an ECDSA certificate.

In order to support that particular use case, a key type satisfaction criterion would have to be added.

But more generally, there would need to be some way to disambiguate hostnames under live. For example, some sort of suffix argument. A suffix of foo would go to /var/lib/acme/live/example.com:foo. So for example you could have two target files:

Target 1

satisfy:
  names: example.com
  key:
    type: ecdsa
suffix: ecdsa

Target 2

satisfy:
  names: example.com
  key:
    type: rsa
suffix: rsa

hlandau avatar Jan 11 '16 05:01 hlandau