micado-eu / micado_deployment

The micado deployment
European Union Public License 1.2

Question: Installation of certificates #21

Closed ivchicano closed 3 years ago

ivchicano commented 3 years ago

I have some questions about how the generation of certificates has/is/will be done. I remember some months ago there was some work being done in this regard with Let's Encrypt, but I don't see anywhere the process that was made in that regard.

Does it need some special configuration in Traefik? Do you use a wildcard certificate for all the subdomains or a certificate for each one?

As the last question: is this the process we have to follow for the identity server keystores? https://is.docs.wso2.com/en/5.9.0/administer/creating-new-keystores/#creating-a-new-keystore

I think @gioppoluca is the one who knows the most about this, but any help is appreciated.

Thanks in advance

gioppoluca commented 3 years ago

Traefik takes care of web certificates. It uses the acme.json file to store them, so it will not consume the allowed requests to the Let's Encrypt service, BUT you have to have a public IP and have the domains you are requesting pointed to your IP, or obviously LE will not work. For the WSO2 stuff, the certificates are only for internal reasons and you have to generate self-signed ones. I will write docs for that in the deployment wiki.
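
A pre-flight check for the two conditions in the reply above (every requested domain points at the host's public IP, and acme.json is in place), added here as an example; it is not part of the thread or of the MICADO repository. The hostnames, the IP address and the acme.json path are constructed placeholders, and the 600 permission check reflects Traefik's own refusal to use an acme.json that group or others can access, which the thread does not mention.

```python
import os
import socket
import stat

def resolve_ipv4(host):
    """IPv4 addresses the local resolver returns for host (empty set on failure)."""
    try:
        infos = socket.getaddrinfo(host, 443, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}

def dns_problems(domains, public_ip, resolver=resolve_ipv4):
    """Return {domain: reason} for every name that does not point only at public_ip."""
    problems = {}
    for name in domains:
        addrs = resolver(name)
        if not addrs:
            problems[name] = "does not resolve"
        elif addrs != {public_ip}:
            problems[name] = "resolves to " + ", ".join(sorted(addrs))
    return problems

def acme_store_problem(path):
    """acme.json holds the private keys; return a reason if it is missing or too open."""
    try:
        mode = stat.S_IMODE(os.stat(path).st_mode)
    except FileNotFoundError:
        return "missing"
    if mode & 0o077:
        return "mode %o is readable beyond the owner, use 600" % mode
    return None

if __name__ == "__main__":
    # Constructed sample data: placeholder hostnames and a documentation-range IP.
    fake_dns = {"app.micado.example": {"203.0.113.10"},
                "api.micado.example": {"198.51.100.7"}}
    names = ["app.micado.example", "api.micado.example", "idp.micado.example"]
    print(dns_problems(names, "203.0.113.10", lambda h: fake_dns.get(h, set())))
    print(acme_store_problem("acme.json"))  # assumed path, relative to the cwd
```

Called without the `resolver` argument, `dns_problems` uses the machine's real resolver, so run it from outside the deployment network to see what Let's Encrypt will see.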