On Wed, Apr 15, 2020 at 7:21 AM sebb <seb...@gmail.com> wrote: > > I'm wondering what the process is to generate an SSL certificate for a > new Whimsy host?
letsencrypt-auto > AFAICT, the current instructions assume that the website responds to > the hostname 'whimsy.apache.org', however that won't be the case until > the website is switched over. letsencrypt requires the host to be able to respond to the list of hostnames passed to us. > The SSL cert needs to be in place before switch-over occurs. > > Is there a way to generate the new SSL certificate in advance, without > affecting the current Whimsy master? I'm not certain I understand the question. What needs to be done is to have every time letsencrypt is run on a machine that that machine owns the list hostnames that are passed on the command. When DNS changes affect a machine (for example, when whimsy.apache.org is moved to point to the new machine), letsencrypt will need to be run again (likely manually) at that time. Did I answer your question? > Sebb - Sam Ruby.
