I’ve got several dozen servers, each hosting a subdomain of mydomain.com. I’ve created a wildcard certificate for *.mydomain.com which runs fine on the server I created it on (using certbot) and I copied the relevant files from /etc/letsencrypt over to one of my other servers. It works fine there too.
I’m concerned, though, about what will happen when it’s time to renew the certificate. If I have a cron job running “certbot-auto renew” on both servers for the same wildcard domain, will the right thing happen, i.e. will the certificate get renewed on both servers without any intervention on my part?
I copied over mydomain.conf from /etc/letsencrypt/renewal on the server I created the certificate on to one of my other servers. Was that the right thing to do?
The alternative seems to be to run certbot on each of my several dozen servers and validate that I own the domain on each one. That’s pretty cumbersome.