Just wanted to get some people's opinions on how to go about this scenario.
Current setup (on AWS):
- Two NGINX Plus instances (not in HA - issues with AWS, so we use Route53 to failover between instances)
- Two Application instances.
I’m trying to think of the best way to get Let’s Encrypt to create and distribute the files as needed.
Say we install Let’s Encrypt on NGINX-A, we will need to replicate the certificates to NGINX-B. That’s okay, I can create a cron to SCP the files across.
The main issue I’m facing is using the webroot: NGINX doesn’t have access to the App Server to put the needed verification files.
Also, I assume Let’s Encrypt then sends a web request to verify it’s there? And I can’t guarantee the request will always go to APP-A and not APP-B.
I may be overthinking, so would appreciate any feedback or if anyone has been able to get it to work in a similar scenario.