Comment on Do you run a private CA? Could you tell me about your certificate setup if you do?
TechAdmin@lemmy.world 11 months ago
Self-host your own ACME server. Then you can use certbot pointed there.
These instructions are old so not sure if newer/better ways, blog.sean-wright.com/self-host-acme-server/
MigratingtoLemmy@lemmy.world 11 months ago
Thank you, I was looking to host Step-CA, whilst OpenSSL is another option. I’m also planning to combine it with a vault for secrets like Conjur and encrypt the volumes underneath. I want to reach the best security posture possible in this kind of setup