Hey everyone! I'm on the hunt for a reliable online SSL certificate manager that can automatically issue and renew certificates for various services I run. While I'm using AWS Certificate Manager for my AWS-hosted apps—thanks to its automatic renewal via CNAME records—I can't export these certificates for self-hosted services like nginx, apache, or even custom apps in Rust, Go, or Node.js. I'm familiar with certbot, but I really struggle with managing the auto-renewal part, especially since I'm constantly reinstalling my server and dealing with the stress of certificates expiring. It's such an annoying overhead! Are there any trustworthy certificate management services that validate domain ownership using DNS records (like AWS does) but also allow exporting the public/private keys?
2 Answers
If you have command-line access on your server, I'm not sure why you're not able to use certbot. When you reinstall, why not set up a script to automate the installation of everything you need? It could save you a lot of headaches!
Honestly, how do you mess up the renewal process with certbot? Just running `certbot renew` is usually foolproof. Certbot gives you full control and keeps things quite simple!

Haha, it's definitely a me problem! I only need to run that command on a cron job, but I still have to manage hosting an accessible HTTP server each time I reinstall. Not to mention, with human error, I sometimes avoid starting projects because of the certificate hassle. I’ve been thinking about setting up a scheduled AWS Lambda for renewal using Terraform, which might simplify things.
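
Added example, not part of any post in this thread: a bootstrap script for the reinstall case discussed above, using certbot's DNS-01 validation through its Route 53 plugin so that no HTTP server has to be reachable. It assumes a Debian/Ubuntu host, a DNS zone hosted in Route 53 and nginx as the consumer; `example.com`, the e-mail address, the cron file name and the hook file name are placeholders.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes a Debian/Ubuntu host, a DNS zone in
# Route 53 and nginx as the consumer; example.com and the e-mail are placeholders.
DOMAIN="${DOMAIN:-example.com}"
EMAIL="${EMAIL:-admin@example.com}"
LE_DIR="${LE_DIR:-/etc/letsencrypt}"
CRON_FILE="${CRON_FILE:-/etc/cron.d/certbot-renew}"
DRY_RUN="${DRY_RUN:-1}"   # 1 = print the plan only, 0 = apply it

# Print the command in dry-run mode, execute it otherwise.
run() {
    if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

# write_file PATH MODE CONTENT, honouring dry-run.
write_file() {
    if [ "$DRY_RUN" = 1 ]; then printf 'write %s\n' "$1"; return 0; fi
    mkdir -p "$(dirname "$1")" && printf '%s\n' "$3" > "$1" && chmod "$2" "$1"
}

install_tools() {
    run apt-get install -y certbot python3-certbot-dns-route53
}

# DNS-01: certbot proves ownership with a TXT record, so port 80 stays closed.
# AWS credentials come from the instance role or environment; scope them to
# route53:ListHostedZones, route53:GetChange and route53:ChangeResourceRecordSets.
issue_cert() {
    run certbot certonly --dns-route53 -d "$DOMAIN" \
        --non-interactive --agree-tos -m "$EMAIL" --keep-until-expiring
}

# Deploy hook: certbot runs it only after a successful renewal.
install_hook() {
    write_file "$LE_DIR/renewal-hooks/deploy/reload-nginx.sh" 0755 '#!/bin/sh
systemctl reload nginx'
}

# Twice-daily attempt; certbot renews only certificates that are close to expiry.
install_cron() {
    write_file "$CRON_FILE" 0644 '17 3,15 * * * root certbot renew --quiet'
}

bootstrap() {
    install_tools && issue_cert && install_hook && install_cron || return 1
    echo "cert: $LE_DIR/live/$DOMAIN/fullchain.pem key: $LE_DIR/live/$DOMAIN/privkey.pem"
}

if [ "${1:-}" = "apply" ]; then bootstrap; fi
```

Saved to a file and run as root with `DRY_RUN=0` and the argument `apply`, it performs the steps; the default prints the plan. Restoring a backup of `/etc/letsencrypt` before running lets `--keep-until-expiring` reuse the existing certificate instead of requesting a new one on every reinstall.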