Implementation for CTW

I am using Certify the Web to automate the process of cert management for my org. I was planning to set up a centralized server where admins can pull certs from. The idea is that I create DNS TXT records for whatever URL address the admins need. And the central and admin Certify the Web server pulls the certs and retrieves them from ACME, and the client retrieves the certs from the cert server.


We are currently working on solutions for this area with our planned Certify [Management] Server product but a way you can achieve this currently is to use an instance of the app to store certs in a secrets vault (Azure Key Vault, Doppler, HashiCorp Vault) - we have some Deployment Tasks which support those targets.

Then on your consumer servers you would regularly (e.g. every maintenance window) pull the latest version of the secret(s) they are interested in/permitted to use and where applicable restart/reload services.
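
The consumer-side pull described in the reply above, as an added example that is not part of the original thread and is not Certify The Web's own code. It assumes the secret value is a base64-encoded PFX bundle; `fetch_secret` and `reload_service` are hypothetical callables standing in for your vault client and your service reload command.

```python
import base64
import hashlib
import os
import tempfile
from pathlib import Path


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def decode_bundle(secret_value: str) -> bytes:
    """Decode the vault secret; refuse anything that cannot be a PFX."""
    raw = base64.b64decode(secret_value, validate=True)  # raises on junk
    # A PFX/PKCS#12 file is a DER SEQUENCE, so it must start with 0x30.
    if len(raw) < 2 or raw[0] != 0x30:
        raise ValueError("secret is not a DER-encoded bundle")
    return raw


def atomic_write_private(path: Path, data: bytes) -> None:
    """Write via temp file + rename so readers never see a partial file."""
    fd, tmp = tempfile.mkstemp(dir=path.parent)  # created with mode 0600
    try:
        with os.fdopen(fd, "wb") as fh:
            fh.write(data)
            fh.flush()
            os.fsync(fh.fileno())
        os.replace(tmp, path)
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise


def sync_certificate(fetch_secret, dest: Path, reload_service) -> bool:
    """Pull the latest secret; install and reload only if it changed.

    fetch_secret and reload_service are hypothetical caller-supplied hooks.
    """
    bundle = decode_bundle(fetch_secret())
    if dest.exists() and sha256_hex(dest.read_bytes()) == sha256_hex(bundle):
        return False  # already current, leave the service alone
    atomic_write_private(dest, bundle)
    reload_service()
    return True
```

A malformed or empty secret raises before anything is written, so a bad fetch never replaces a working certificate or triggers a reload.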