acmetool
acmetool copied to clipboard
Consider a target hostname suffix tag feature
In some cases, it might be desirable to have multiple certificates in active use for the same hostname. For example, an RSA certificate and an ECDSA certificate.
In order to support that particular use case, a key type satisfaction criterion would have to be added.
But more generally, there would need to be some way to disambiguate hostnames under live
.
For example, some sort of suffix
argument. A suffix of foo
would go to /var/lib/acme/live/example.com:foo
. So for example you could have two target files:
Target 1
satisfy:
names: example.com
key:
type: ecdsa
suffix: ecdsa
Target 2
satisfy:
names: example.com
key:
type: rsa
suffix: rsa