Certify DNS auth CNAME from multiple CtW servers

Can Certify DNS be used for dns-01 auth from two different CtW servers at the same time. The intent is to have two CtW servers capable of renewing the same cert in case one of them fails.

The CNAME requirement seems to be a stumbling block to this approach as having multiple CNAMES for the same DNS node is a no-no according to the RFCs.

Any suggestions ?

Yes. You can copy the necessary domain config (or everything) from C:\ProgramData\Certify\acmedns to the same location on the other server.

Another approach is to put one server in charge of cert renewals and use the Deploy To CCS task to copy the certificates out to a share, then use the CCS feature of IIS to pickup those certs automatically.

Fantastic… pulling the applicable json across worked just fine.

Thanks !!

1 Like