Hello all ! I have a Rancher cluster and multiple downstream clusters, and I need to generate SSL certificates for each cluster using the Let's Encrypt API with the following DNS wildcard formats: •

*.<http://local.rke.example.com|local.rke.example.com>

•

*.<http://downstream1.rke.example.com|downstream1.rke.example.com>

•

*.<http://downstream2.rke.example.com|downstream2.rke.example.com>

•

*.<http://downstream3.rke.example.com|downstream3.rke.example.com>

However, the Let's Encrypt production API has a limit of 50 certificates per registered domain per week. Since the registered domain is

<http://example.com|example.com>

, I may quickly reach this limit. I'm not sure about how the renewal process for certificates works if I decide to use the ACME Terraform provider. Specifically, I'm uncertain if renewing the certificates requires executing an additional Terraform apply. I want to know if there is another solution to achieve this please ?

I kinda figured that was the case but sometimes you can't quite know how people work. Honestly, I would check to see if there is someone at the EFF who can let you know if there is a workaround. https://community.letsencrypt.org/