Certbot for local development

I am currently involved in a fairly large development project. We are using vagrant-based VMs for local development, but are currently doing so without SSL which is hampering certain aspects of development.

We could, of course, use self signed certs, but would prefer to use LetsEncrypt. However, generally these local envs will all be using the same set of hostnames.

One option we are considering is generating a wildcard certificate then distributing it to each dev. With some custom automation this could work, but it is “not the most secure” thing to do. It may be acceptable on a clearly dev only domain, but it’s not the best situation.

What we would like to do is have each dev use certbot or similar to create their own certificates, but would prefer for them to be on the same hostnames (we would put something in place to make the challenges work). Is it possible and/or acceptable for multiple clients to generate certificates for the same hostname (e.g. having multiple clients all request certificates for host.my-local-dev-domain.com)?

1 Like

It’s certainly possible to create multiple certificates, but not infinite certificates. Here are the rate limits:

Each client would have to be able to validate the names.

2 Likes

Thanks, that’s very helpful.

1 Like