Authorisation from single host

gates · December 7, 2015, 1:53pm

Howdy all,

i wanted to use the LE certs for some services on our site, and services, so we dont get the red bar while connecting every time. The client runs fine, for a single domain i’ve setup, how ever, i want to create requests for other (sub)domains as well, but those are not managed from the same machine / ip / OS.

is there a way to Authorise those domains in an other way then putting files on the non-https sites ?
1 service i’m not allowed to put files on that machine, so we cant use that tatic, other site the port 80 is linked to an other server/service on the same IP.

and for management i wanted to create 1 machine, where i can update all certs with a cronjob and export the keys to the next location myself.

Is there an other way (or comming?) to authorise those other (sub)domains from a single machine?

souki · December 7, 2015, 5:04pm

I was trying to solve similar problem (one domain running on multiple servers) and it is actualy really simple. I have this rule in every site config (nginx):

location ~ /\.well-known/acme-challenge/ { proxy_pass http://letsencrypt.example.org:8081; }

Letsencrypt is running on machine http://letsencrypt.example.org with port mapped from 8081 to 80.
I can now simply verify all domains from different machines on single instance.

gates · December 8, 2015, 9:05am

Sounds as a good option for some of the configuration.
but in 1 very specific case i can’t modify the files or the configuration
(Win server with a piece of software, what is running the weblike interface).