On 05-19-2021 7:02 pm, Viktor Dukhovni wrote:
Well submission.example.com is a linux server running haproxy on it.
The only way (i know how) to create a certificate assigned to
submission.example.com is to create that certificate using commands in
a bash shell using certbot physically on that server.
Well, there's your false assumption.
...and? The correct assumption is a secret?
Using certbot (with a validation method that works with auto renew) i
can create a certificate on the backend.exmample.com server and tell
certbot the certificate will be for submission.example.com even though
submission.example.com will not resolve to the server im running certbot
on?