So, what is the workaround I could use to avoid creating one file per new (self-signed) certificate issued? I cannot use only one certificate for all since I have to be able to revoke the certs with granularity.

If you don't want to use a file/certificate per domain but at the same time can't work around it with a wildcard certificate, it (imo) leaves just one option - to create a certificate including all the exact domains and, whenever there are some changes (expiration or a new domain added), regenerate the cert.


P.S. You can do something like that even with non-self-signed certificates - for example (while manually) GoDaddy lets you add or remove domains to their "Multiple Domains UCC" certs (up to 100 domains) on the fly (the expiration of the whole cert remains).

rr
_______________________________________________
nginx mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx
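
The approach suggested in the reply above (one certificate listing every exact domain, regenerated on expiry or when the list changes), sketched as an added example that is not part of the original messages. The list file, the key/cert paths, the 30-day renewal window and the RSA-2048/365-day parameters are assumptions; `-addext` and `-ext` need OpenSSL 1.1.1 or later.

```shell
#!/bin/sh
# Added example: a single self-signed certificate whose subjectAltName
# carries every hostname in a list file (one name per line, '#' comments).

# Build the OpenSSL SAN value: DNS:a.example,DNS:b.example
# Names are lower-cased, de-duplicated and sorted so the result is stable.
san_from_list() {
    sed -e 's/#.*//' -e 's/[[:space:]]//g' -e '/^$/d' "$1" \
        | tr 'A-Z' 'a-z' | sort -u \
        | sed 's/^/DNS:/' | paste -sd, -
}

# Return 0 when the certificate has to be reissued: it is missing,
# it expires within 30 days, or its SAN set no longer matches the list.
needs_regen() {
    list=$1
    crt=$2
    [ -f "$crt" ] || return 0
    openssl x509 -in "$crt" -noout -checkend 2592000 >/dev/null || return 0
    have=$(openssl x509 -in "$crt" -noout -ext subjectAltName \
        | tr ', ' '\n\n' | sed -n '/^DNS:/p' | sort -u | paste -sd, -)
    [ "$have" = "$(san_from_list "$list")" ] && return 1
    return 0
}

# Issue a fresh key and certificate for the whole list.
# The first name (after sorting) is used as the CN.
regen_cert() {
    list=$1
    key=$2
    crt=$3
    san=$(san_from_list "$list")
    [ -n "$san" ] || { echo "no domains in $list" >&2; return 1; }
    cn=${san#DNS:}
    cn=${cn%%,*}
    openssl req -x509 -newkey rsa:2048 -nodes -days 365 \
        -keyout "$key" -out "$crt" \
        -subj "/CN=$cn" -addext "subjectAltName=$san" 2>/dev/null
}

# Typical use from cron (hypothetical paths), followed by an nginx reload:
#   needs_regen domains.txt all.crt && regen_cert domains.txt all.key all.crt
```

A certificate built this way is replaced or revoked as a unit, so removing one name means reissuing it for all the remaining names.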
