Proxy server for certificate generation


#1

One of the bigger issues a lot of people have with Let’s Encrypt is the difficulty of using offline mode. Will it be possible in the future for a single public-facing server to proxy the management of all internal certificates, if they’re pointed to it properly? (Using whatever authentication is necessary.) Alternately, as long as a single server can manage a large number of certificates, it’s pretty simple to retrieve and install (manually or scripted) the necessary cert for each server every time it’s refreshed. But being able to install the software, point it to a proxy and otherwise run as normal, then set-and-forget it is obviously ideal, since that’s the whole idea behind Let’s Encrypt.


#2

@SilverbackNet, I think this would be a great feature. We haven’t started developing such a thing yet and have our hands full with bug-fixes for the existing integration modes, so in order for this to happen in the near future an outside developer would probably need to contribute the code for it.