I have used wildcard to its fullest extent in testing and so far I’m very pleased that we got the ability to do so due many and many instances that I needed to create.
The issue I have is… I copied over certificate from master server to slave server with another set of domains. Its SSL, encrypted and all, but it does give out certain errors in error log when it comes to SSL.
As well as wget, I banged my head against the wall until I realized that I had to put --no-check-certificate and it didn’t wanna work without it at all.
My question is:
Do I and how can I sign certificate for another server, so that that server can use it as well without errors?
And is it security flaw to have certificate signed by one server and yet few more use it, like can you revoke us of certificate or is it some vulnerability that no one should afford.
All you need to do is copy fullchain.pem and privkey.pem to the other servers and use them in the web server configurations. Nothing else is required, they are the "total package".
If you're experiencing issues, then it's likely due to misconfiguration of the web server.
If you can share the domains/web servers/configurations, we can help you identify the problem.
And is it security flaw to have certificate signed by one server and yet few more use it, like can you revoke us of certificate or is it some vulnerability that no one should afford.
No, it's fairly common and there's no real issues with it.