The tool appears to drop a file in the http path, in order to verify domain ownership (custom url endpoint). Then afterwards mutates the config to utilize the ssl certs.
I realize this is geared towards less technical users, but I hope there is an option to either not use the cli tool, or alternatively a cli tool that does not mutate configs on its own and/or not require the tool to be run directly on a live web server.
We looked at the ACME draft earlier this year; while it seems to make
life simpler, it really seem that it’s just punting the trust problem to
another server.
The tool appears to drop a file in the http path, in order to verify domain ownership (custom url endpoint). Then afterwards mutates the config to utilize the ssl certs.
I realize this is geared towards less technical users, but I hope there is an option to either not use the cli tool, or alternatively a cli tool that does not mutate configs on its own and/or not require the tool to be run directly on a live web server.
We looked at the ACME draft earlier this year; while it seems to make life simpler, it really seem that it’s just punting the trust problem to another server.
Sure, right after I drop money on new certs! Bah!