My question is, if Let’s Encrypt will support the following use case which i consider quite common:
- multiple sites served with SNI
- nginx with non-default install path
- nginx with hand-tailored site configurations
- custom central certificate folder
- need for quick SAN changes in certificates (re-issue?)
- need for long default certificate lifetime/validity
- no automatic fiddling around in my site or server config
with expected work flow(s):
- issue certificates for a manually populated SAN list plus automatic ownership test
- issue certificate with predefined file name to custom certificate folder
- renewal overwrites exactly the before mentioned file(s)
- SAN change process does not change file name or file name is easy to configure
- S̶A̶N̶ ̶c̶h̶a̶n̶g̶e̶ ̶a̶u̶t̶o̶m̶a̶t̶i̶c̶a̶l̶l̶y̶ ̶r̶e̶v̶o̶k̶e̶s̶ ̶p̶r̶e̶v̶i̶o̶u̶s̶ ̶c̶e̶r̶t̶i̶f̶i̶c̶a̶t̶e̶s̶ ̶m̶a̶t̶c̶h̶i̶n̶g̶ ̶t̶h̶e̶ ̶f̶i̶l̶e̶ ̶n̶a̶m̶e̶ (EDIT, not required)
Although this looks highly specific, this might be a use case common to development environments and/or manually configured VPS environments serving different domains via SNI. I want to control as much as possible and simply use Let’s Encrypt to get certificates without the usual renewal/revocation work flow struggle.
Thank you very much for your answer.