I’m working on a PKI program for an alt-DNS root project (OpenNIC) and we were looking into various certificate issuance technologies. For very obvious reasons, our users can’t get SSL certificates from mainstream CAs like Let’s Encrypt itself. But I’m a big fan of the ACME protocol and your Boulder implementation, and I was considering setting it up with our own Root CAs so we could finally secure our network.
I see a few people speak of installing Boulder for various testing purposes, but I’m wondering if anybody else is running it from a more production standpoint (I suppose Let’s Encrypt is…). If so, how has it worked out so far and where might one get started configuring Boulder?
I’m no Go expert, unfortunately, so I may have to find some people to help me out, but hopefully Boulder is the solution I’ve been looking for!