Closed ghost closed 2 years ago
This library uses the standard ASP.NET Core options pattern https://docs.microsoft.com/en-us/aspnet/core/fundamentals/configuration/options. That means you can use any of the configuration options in https://docs.microsoft.com/en-us/aspnet/core/fundamentals/configuration, or build your own. I think using that pattern to populate LettuceEncryptOptions
should be sufficient.
Hope that helps.
Is your feature request related to a problem? Please describe. We are looking at using LettuceEncrypt in conjunction with YARP to create a proxy layer for all our applications running in Kubernetes. As part of this, we are looking to be able to support, dynamically, any number of customer domains as they configure them through our application. Currently with how LettuceEncrypt works the domains must be specified through the configuration before startup.
Describe the solution you'd like Would like to be able to programmatically add additional domain sources that LettuceEncrypt considers on startup & renewal passes.
Additional context I've already begun work on this and have a first implementation completed, I just wanted to see if there was any interest in pursuing this as a PR here.
I noticed while working on this also that it seems like right now all domain names from the configuration are registered as subject alternate names (SAN) on the same cert. This would also have become problematic due to the 100 domain limit that Let's Encrypt imposes. To this end, I've also made some changes to the code to generate more individual certificates. This also seems to follow the best practices from Let's Encrypt of having as few domains per cert as possible.