We’re looking at replacing our current wildcard SSL cert with Let’s Encrypt when wildcard SSL certs go live.
We have a relatively complex environment, where there are about 7 subdomains, each of which is:
- Load balanced (i.e. multiple servers)
- Essentially sits on separate (cloud) infrastructure
On top of that, Cloudflare sits in front of all the domains.
This creates a pretty significant distribution problem. This has been specifically designed to separate these out; the need to distribute certificates across these breaks that.
With the wildcard certs, it’s far more complex to securely distribute and automate distribution of certificates.
My question is, are there best practices around this?