How does the client know how to interpret my Apache web server configuration? I mean it’s a pretty complex task to change any web host configuration, add a file to make it publicly accessible and don’t break existing things like .htaccess redirects. Think of configurations like ASP.NET MVC where the URL doesn’t have to correspond to anything in the file system.
It would be a lot simpler if the validation process wouldn’t need to tinker with my live web server but just use another port that’s free. It could then download the certificate to a path that I provide for each domain and maybe reload the web server if necessary.
I wouldn’t want to even try this client if it has the potential to seriously damage my server configuration.