Using Certify the web on more than one server


#1

Hi

I’m new to the Certify web app and was wanting to know whether it was possible to use it to generate and renew certificates supporting the same domains on multiple servers (2-4 servers) (One certify the web app running on each server.)

or whether I should be looking at using a central certificate store (CCS) and running some custom scripts/ actions to add the generated/renewed certificates to the central certificate store and get IIS on each server to point to the CCS and setup/renew site bindings for certificate accordingly.

Could you confirm the best way in which the Certify web app could be used to solve this issue.

Thanks


#2

Hi,
The app doesn’t currently have native CCS support but it is planned for the future. You could theoretically use a script of your own (a post-request powershell script) to deploy the certificate to your CCS store with the correct naming but I’m not sure if anyone is currently doing it that way.

The potentially larger issue is shared validation, if you are using http validation (where a challenge response file is created in the website) as this needs to be included in the response of all webservers unless you can direct all /.well-known/acme-challenge requests to a single server.


#3

@smithr18 well it looks like you’re not alone! SNI on a pool of webservers