Tom - Just wondering if in the future videos if you’re going to be covering certbot and/or acme. I’m aware pfsense for example uses acme as their backend for obtaining and renewing certs. I started off with certbot, however found the acme.sh program (https://github.com/acmesh-official/acme.sh) to be just a heck of a lot easier to work with. I’ve coupled this program with a couple of systemd services/timers for renewal (rather than cron) and found it works really well for me. I’m curious since your volume and experience is like 1,000,000 times more than mine, what you use.
Yes, that is on my to do list for videos.
Hi,
Does that even make sense? Isn’t the certificate certifying that the DNS name is in fact consistent with the IP address the server is using?
A cert only shows that the domain listed on it is in fact created by the person who manages/owns that domain. It doesn’t care about IPs.
Makes sense. Thanks for clarifying that.