Hello everyone,

A bit of background on how things are configured: I have many local services and am in the process of setting up two local domains, namely local1.publick.com and local2.publick.com. I own the domain name publick.com and manage it through Cloudflare.

Local1 is for the Windows domain and is using Active Directory, while local2 is for the Linux domain and is using RHEL IDM.

Now, as I am also exploring Single Sign-On (SSO) with Keycloak and a few other things, I would like to properly set up SSL for all these subdomains. Can I configure two local certificate authorities? One for local1.public.com and another for local2.publick.com? I would then use these to create certificates for service.local1.publick.com and service.local2.publick.com. Since the AD domain controller and RHEL IDM controller are authoritative for these two domains, can I still integrate two CAs with this setup?

  • Hexarei
    link
    fedilink
    English
    arrow-up
    3
    ·
    10 months ago

    DNS challenge makes it even easier, since you don’t have to go through the process of transferring it yourself

    • TCB13@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      10 months ago

      Still easier whats to setup that than what’s described. Even the Certbot tool is able to setup it up with a simple command.

      • Hexarei
        link
        fedilink
        English
        arrow-up
        2
        ·
        10 months ago

        Certbot also does DNS challenge, fwiw