I have SSL certificates that have been issued for a CN and SAN that have the CN and SAN domain names reversed. The CN=embleton.me.uk and SAN=embleton.me.uk & mental.me.uk which is unique on each IPv6 address but the SAN points to another host on an IPv6 address.
The mirror is on CN=mental.me.uk and SAN=mental.me.uk & embleton.me.uk The acme are on the same path and certificates too on each unique website server machine that is in a MySQL mirror. The servers are in a MySQL master to master replication for a database that is used the same for both servers. It is a phpBB that is live mirrored.
Only 1 server has an IPv4 address for I only have one of those behind a NATed connection and this can be switched around for bringing in a replacement during maintenance on the mirror which has certificates which must be mirrored but the CN name is different on each certificate apache website server. The OS is Ubuntu for both servers. And I have complete total control of the servers.
It would be a pain to alter the DNS records when certificates need renewal but during the setup process, this was done. And it would be a pain having to copy certificates between servers, I’d like the process to be automated when renewal comes around. This may not be an issue but maybe for it was first when setup initially.
Am I going to run into an issue when automatic certificate renewal occurs on each server?