I want to setup SSL Certificates generator/manager for Custom Domains - using Let’s Encrypt but I’m not able to find the right tutorial. I’ve done some research work and I’m able to setup Let’s Encrypt Certbot on one domain/machine with nginx.
I have a web app on Azure which will serve multiple domains, so multiple custom domains from single IP. I want to generate SSL Certificates for custom domains on the fly.
I learnt that Openresty can help but I couldn’t find any step-by-step article. How do I setup the SSL Management with Let’s Encrypt. At this point I’m not sure if I need a stand-alone VM or if it possible to run as a set of REST API Endpoint on a Web Server? Any pointers? I appreciate any help!
In order to support on-the-fly generation of certificates for custom domains, you'll probably have to use software that's specialized for this purpose or else write your own software. An example of software that does support this natively is the Caddy web server.
There may be other software options, but most Let's Encrypt clients don't support this natively without some additional scripting, and most hosting providers with automated Let's Encrypt integrations have probably had to do some of their own software development.
I don't think these questions are very relevant. More significant, most likely, is your operating system environment and your web application environment. Are you developing the web application yourself? In what kind of language? What conditions will let it know that it needs to obtain a new certificate? If the certificate were obtained by external software, would your web application be able to make use of it by itself, or would it need other software to handle the certificate deployment as well?
Another thing to look at is ACME libraries which can provide you with functions that you can call from various programming languages to request certificates.
Hopefully some of this existing software is relevant to you in some way, but this mainly depends on the nature of your existing software environment.
@schoen: thank you for your reply. I found the client list more friendly for Linux/Unix users but thanks for the pointer. I did a little more research and found a “Certes” to be promising for .NET developers. We can append it in the list as well!