need another help based on the discussion on the below thread.
I read further on the DNS validation using CNAME at
I believe with the DNS validation it will allow me to use the same SAN Entry (collab.example.com) on both the servers (running in an Active-Active cluster mode) certificate.
I am looking to understand the format for creating this CNAME entries. Not a DNS guy much so any help will be appreciated. For e.g. if i need to create a CNAME entry for host collab.example.com.
The CNAME part of that article is mainly for hosting providers which provide certificates for their customers with hostnames outside of the control of the hosting provider. Note the difference between example.com and example.net in the article: the former is of the customer, the latter is of the hosting provider.
In your case you probably can use the dns-01 challenge without a CNAME record in the sense it doesn’t conform to the example of the article.
That said, if you’re running multiple servers which would use the same certificate, it’s best to designate one of your servers for the whole ACME/getting a certificate process and redistribute that certificate to all other servers.