Multi cert functionality

krtab / agnos

Obtain (wildcard) certificates from let's encrypt using dns-01 without the need for API access to your DNS provider.

MIT License

303 stars 8 forks source link

Multi cert functionality #30

Closed fayeg21 closed 1 year ago

fayeg21 commented 1 year ago

It would be great if this tool's config was easily used to create multiple separated certs for separate domain names.

i.e. something like this:

[[accounts.certificates]]
{
domains = ["*.foo.com"]
fullchain_output_file = "/etc/ssl/certs/foo.com.pem"
key_output_file = "/etc/ssl/private/foo.com.pem"
},
{
domains = ["*.bar.com"]
fullchain_output_file = "/etc/ssl/certs/bar.com.pem"
key_output_file = "/etc/ssl/private/bar.com.pem"
},

justinas commented 1 year ago

Hmm, perhaps you're confused about the TOML syntax? This:

[[accounts.certificates]]
domains = ["*.foo.com"]
fullchain_output_file = "/etc/ssl/certs/foo.com.pem"
key_output_file = "/etc/ssl/private/foo.com.pem"

[[accounts.certificates]]
domains = ["*.bar.com"]
fullchain_output_file = "/etc/ssl/certs/bar.com.pem"
key_output_file = "/etc/ssl/private/bar.com.pem"

should do what you want (one account, two certificates). You can check with a TOML to JSON converter, JSON might be easier to understand.

krtab commented 1 year ago

Thanks a lot for answering @justinas!

fayeg21 commented 1 year ago

Yes I am confused abut TOML. But you've answered my question, thank you. I suspect I'm not the first person that would like to know this so may I sugggest this be added to the docs?