Usually I issue one cert for each subdomain.
I was thinking about issuing a wildcard for one of my domain, but I have one question:
say I have one main domain example.com with two subdomains one.example.com and two.example.com. Each subdomain is set on a unique server with unique ip address (say server one and two).
I go for the *.example.com wildcard, which is gonna be issued by server one, then I have to manually install certs also for server two, is that right?
And then, at renewal, do I have to do the same thing?
Otherwise the domain two would have an expired cert, is that correct?
If so, I should then automate the process to “copy” the renewed cert to server two each time it is updated.