|
|
|
|
|
|
by merb
3085 days ago
|
|
|
I would say the .well-known/ is actually easier. one could just create a nginx (or somehow in haproxy) backend that will actually load the data to generate the cert from a trusted store. (I mean no user will probably use the .well-known endpoint (hopefully)) after that it could actually just put the cert into that store again and reload all public facing webservers |
|
|