I am using acme.sh with great success to manage my certs for my servers (www, imaps, smtp, etc.). I’m using 2.8.0 (the latest as of a few days ago) of acme.sh and I know it does support wildcard certs. I’m already using dns-01 for validation and my domain is secured by DNSSEC.
Instead of having a set of certs for individual services, I’m thinking of moving toward wildcard certs but, as I have both ECDSA (my default) and RSA keys (for services that do not support ECDSA), I am wondering whether it is possible to request two identical wildcard certs for the same *.example.net, one with RSA and the other with ECDSA.
I do not really see why it would not work but I’d rather ask beforehand.
The only thing to be careful of is that the two certificates will count as duplicates in relation to the "Duplicate Certificates" rate limit described in the rate limit documentation. The duplicate check is based on the certificate identifiers and not the subject public key.
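
The duplicate check described in the answer above, modelled as an added example (not code from the thread, acme.sh or Let's Encrypt): issuances are bucketed by their exact set of names, so the RSA and ECDSA wildcard certs draw on one shared budget. The limit of 5 per 7 days, the record layout and the sample history are assumptions made for the illustration; check the rate limit documentation for the current values.

```python
from datetime import datetime, timedelta

DUPLICATE_LIMIT = 5           # assumption: confirm against the rate limit documentation
WINDOW = timedelta(days=7)    # assumption: sliding window


def identifier_set(names):
    """Key for the duplicate check: the names only, order and case ignored.
    The key type (RSA/ECDSA) is deliberately not part of it."""
    return frozenset(n.strip().lower().rstrip(".") for n in names)


def remaining_issuances(history, names, now, limit=DUPLICATE_LIMIT, window=WINDOW):
    """Number of certs for exactly this name set that can still be issued at `now`."""
    key = identifier_set(names)
    used = sum(
        1 for rec in history
        if identifier_set(rec["names"]) == key and now - window < rec["issued"] <= now
    )
    return max(0, limit - used)


def can_issue_pair(history, names, now):
    """An RSA + ECDSA pair needs two slots from the same bucket."""
    return remaining_issuances(history, names, now) >= 2


# Constructed issuance history for illustration only.
NOW = datetime(2019, 1, 10, 12, 0)
HISTORY = [
    {"names": ["*.example.net"], "key": "ec-256", "issued": datetime(2019, 1, 8, 9, 0)},
    {"names": ["*.example.net"], "key": "rsa-2048", "issued": datetime(2019, 1, 8, 9, 5)},
    # Forced reissue; same bucket despite different letter case.
    {"names": ["*.EXAMPLE.net"], "key": "ec-256", "issued": datetime(2019, 1, 9, 9, 0)},
    # Different name set (adds the apex), so it is counted separately.
    {"names": ["*.example.net", "example.net"], "key": "rsa-2048",
     "issued": datetime(2019, 1, 9, 10, 0)},
    # Older than the window, no longer counted.
    {"names": ["*.example.net"], "key": "rsa-2048", "issued": datetime(2019, 1, 1, 9, 0)},
]

if __name__ == "__main__":
    left = remaining_issuances(HISTORY, ["*.example.net"], NOW)
    print(f"*.example.net: {left} issuance(s) left in the window")
    print("room for another RSA+ECDSA pair:", can_issue_pair(HISTORY, ["*.example.net"], NOW))
```
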