> > These certificates are a very stupid thing. They are utterly > > complicated, you have to self-sign them which produces warnings, and > > they require to have the host name within them as if the host wasn't > > known by several different names. > > Use LetsEncrypt then, you can add any number of host names you want, as > far as I know. But you need a temporary web server to prove ownership > of the server/hostname and sign the certificates. >
As an alternative you can publish a DNS record, rather than providing a web server. I like https to distribute fires - its easiest for the users, and no client end setup required. If there are many files just zip them up as most users can handle that too, and zip clients are build into most OSes.
