I have a unique use case I’d like some opinions on. I work for a large company that has collected several thousand domain names over the years. Most of those domain names are set up on a common web server that simply redirects the user to a different domain name where a real website exists. We would like to provide TLS certs on all of those domain names.
The idea is to run an Apache setup with a vhost per domain that does the necessary redirects, and have certbot manage Let's Encrypt certificates for those domains.
My concerns are:
- What do you think of that setup?
- If I wanted some kind of redundancy on the redirect web server, how is that typically managed with Let's Encrypt certs? Shared volume to store the certs and only 1 server running the certbot process?
I’m also open to any other suggestions to try and solve this problem.