DDNS Certificates, Multiple Domains, Let's Encrypt, Certbot, Nginx, Ubuntu

Solution 1:

Bottom line, yes. You can create as many certificates as you want for any valid name that points to your machine via normal DNS records (CNAME, A, AAAA). Some DNS providers and domain registrars have a feature (sometimes called an ALIAS record) that lets you put a virtual CNAME record on the domain apex because CNAME records can't normally exist on the domain apex. Their nameservers will dynamically respond with an A record for the current IP address the alias name points to.

The Let's Encrypt validation servers will always make a standard port 80 HTTP request to http://<name-in-cert>/.well-known/acme-challenge/<token> and expect to receive the appropriate key authorization value in the body of the response. They will follow HTTP 3xx redirects, but I don't think they will follow meta refresh tags. The token and key authorization values will be different for each name and each renewal, which is why it's important to try and automate this process.
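
How the token and key authorization in that request fit together, as an added example that is not part of the original answer: the expected response body is the token joined to a thumbprint of the ACME account key (RFC 8555, RFC 7638). The account key, tokens and host names below are constructed placeholders.

```python
import base64
import hashlib
import json

# Members that enter the JWK thumbprint, per key type (RFC 7638).
REQUIRED = {"RSA": ("e", "kty", "n"), "EC": ("crv", "kty", "x", "y")}


def b64url(data: bytes) -> str:
    """Base64url without padding, as ACME uses throughout."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def jwk_thumbprint(jwk: dict) -> str:
    """SHA-256 over the canonical JSON of the required members only."""
    subset = {k: jwk[k] for k in REQUIRED[jwk["kty"]]}
    canonical = json.dumps(subset, sort_keys=True, separators=(",", ":"))
    return b64url(hashlib.sha256(canonical.encode("utf-8")).digest())


def key_authorization(token: str, account_jwk: dict) -> str:
    """Value the web server must return: token, a dot, the thumbprint."""
    return token + "." + jwk_thumbprint(account_jwk)


def challenge_url(name: str, token: str) -> str:
    """URL the validation server requests on port 80 for one name."""
    return "http://" + name + "/.well-known/acme-challenge/" + token


def body_is_valid(body: bytes, token: str, account_jwk: dict) -> bool:
    """Compare a served body to the expected value, ignoring trailing whitespace."""
    expected = key_authorization(token, account_jwk)
    return body.decode("ascii", errors="replace").rstrip() == expected


# Constructed sample data: placeholder account key and per-name tokens.
SAMPLE_JWK = {"kty": "EC", "crv": "P-256",
              "x": b64url(b"\x01" * 32), "y": b64url(b"\x02" * 32)}
SAMPLE_TOKENS = {"home.example.com": "tokenAAAA1111", "nas.example.net": "tokenBBBB2222"}

if __name__ == "__main__":
    for name, token in SAMPLE_TOKENS.items():
        print(challenge_url(name, token), "->", key_authorization(token, SAMPLE_JWK))
```

Each name gets its own URL and its own expected body even though the account key is the same, so a file placed by hand for one name or one renewal will not satisfy the next.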