acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0

SSH Deployment, Multiple Hosts, Cron #1714

Open tilllt opened 6 years ago

tilllt commented 6 years ago

Hi, I have another question: I used the SSH Deployment function of acme.sh to deploy my Let's Encrypt certs into a (KVM) VM. I have one VM running my mail server and I managed to deploy the certs into this fine. But I also have a VM running my web services. I want to deploy the certificates into both. I don't quite understand the docs in terms of setting up a deployment into multiple locations... Another thing I don't understand is whether the deployment is added to the "task list" of the cron job acme.sh creates, or whether I need to add the deployment command to the cron job myself?

tilllt commented 6 years ago

OK, I just found out that it was asked here before: https://github.com/Neilpang/acme.sh/issues/1406 ... and I agree with the other thread that it would be wonderful to just run the deploy command for multiple hosts. What remains is my question about the handling of deploy and cron: is it just added to the TODO list of the acme cron job, or do I have to take care of it myself?

wowcut commented 6 years ago

I am also interested in a way to deploy a wildcard cert to multiple hosts.

Currently it is not clear how to do that. Also, the documentation does not have a concept of "multiple deploy targets"; it would be very nice if there were an example of how to do that.

sergeifilippov commented 6 years ago

What you could do is run acme.sh using DNS verification mode on another system.

Once the certificate has been issued you can run a script or use a deployment tool to sync the SSL files to other servers and reload the web server.

I used this method with ansible to sync to other hosts.
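
One way to do the "script that syncs to the other servers and reloads" step from the comment above, as an added example that is not part of acme.sh and not the commenter's own setup. It assumes acme.sh's default `~/.acme.sh/<domain>/` layout for the issued files (`fullchain.cer`, `<domain>.cer`, `<domain>.key`), a dedicated unprivileged deploy user on each target reachable with an SSH key, and hypothetical hostnames, paths, user name and reload commands. It is wired in with acme.sh's `--renew-hook` so the cron job acme.sh installs re-runs it after every successful renewal, which is the cron concern raised earlier in the thread.

```shell
#!/bin/sh
# deploy-multi.sh: push one acme.sh-issued certificate to several hosts over
# SSH and reload the TLS-terminating service on each host.
#
# Added example, not part of acme.sh. Every hostname, path, user name and
# reload command below is a hypothetical placeholder.
#
# Wire it in once at issue time so the acme.sh cron job re-runs it after
# each successful renewal (the DNS API name is just an example):
#   acme.sh --issue -d example.com --dns dns_cf \
#     --renew-hook "/usr/local/bin/deploy-multi.sh example.com"

set -eu

CERT_HOME="${CERT_HOME:-${HOME:-/root}/.acme.sh}"  # acme.sh default home (assumed)
DEPLOY_USER="${DEPLOY_USER:-certdeploy}"           # hypothetical unprivileged user on targets
DRY_RUN="${DRY_RUN:-0}"                            # 1 = print the commands instead of running them

# One target per line: host|remote directory|reload command (all hypothetical)
TARGETS="${TARGETS:-mail.example.internal|/etc/ssl/acme|sudo systemctl reload postfix dovecot
web.example.internal|/etc/ssl/acme|sudo systemctl reload nginx}"

# run CMD ARGS...: execute, or print the command line when DRY_RUN=1
run() {
  if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

# cert_dir DOMAIN: acme.sh's per-domain directory (RSA layout; ECC certs use <domain>_ecc)
cert_dir() { printf '%s/%s\n' "$CERT_HOME" "$1"; }

# check_pair DOMAIN: refuse to push a private key that does not match the certificate
check_pair() {
  dir=$(cert_dir "$1")
  cert_pub=$(openssl x509 -noout -pubkey -in "$dir/$1.cer")
  key_pub=$(openssl pkey -pubout -in "$dir/$1.key")
  [ "$cert_pub" = "$key_pub" ]
}

# deploy_target HOST DIR RELOAD DOMAIN: stage the files, fix key permissions,
# move them into place, then reload; the ssh step is skipped if scp failed
deploy_target() {
  host=$1; rdir=$2; reload=$3; domain=$4
  src=$(cert_dir "$domain")
  run scp -q "$src/fullchain.cer" "$src/$domain.key" \
    "$DEPLOY_USER@$host:$rdir/.staging/" || return 1
  run ssh "$DEPLOY_USER@$host" "chmod 0600 '$rdir/.staging/$domain.key' \
&& mv -f '$rdir/.staging/fullchain.cer' '$rdir/$domain.fullchain.pem' \
&& mv -f '$rdir/.staging/$domain.key' '$rdir/$domain.key' \
&& $reload"
}

# deploy_all DOMAIN: deploy to every target, keep going after a failure, and
# return non-zero if any host failed so the hook failure shows up in acme.sh's log
deploy_all() {
  domain=$1; failed=0
  [ "$DRY_RUN" = 1 ] || check_pair "$domain"
  while IFS='|' read -r host rdir reload; do
    [ -n "$host" ] || continue
    if ! deploy_target "$host" "$rdir" "$reload" "$domain"; then
      echo "deploy to $host failed" >&2; failed=1
    fi
  done <<EOF
$TARGETS
EOF
  return "$failed"
}

# The renew hook passes the domain as the only argument; with no argument the
# script only defines its functions (e.g. when sourced for a dry run).
if [ "$#" -gt 0 ]; then deploy_all "$1"; fi
```

`DRY_RUN=1 ./deploy-multi.sh example.com` prints the scp and ssh command lines without touching any host, which is the quickest way to check the target list before handing the script to acme.sh. On each target the `.staging` directory has to exist and be writable by the deploy user, and that user's `authorized_keys` entry and sudoers rule should be restricted to exactly the copy, move and reload commands used here, so that a compromise of the acme.sh host does not turn into a shell on every server it deploys to.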

querplis commented 6 years ago

You can try to store the certs in Git with limited access, and then pull from the hosts that have access, either by poking them or via a cron job.

camdixon commented 5 years ago

The problem is that not all DNS providers support the DNS method.