
Chicken before the egg scenario

Open ghost opened this issue 6 years ago • 1 comments

So we are moving all our systems from Linux to BSD and we want to use acme-client. We configure all our systems with ansible right now and we're not sure the best way to handle this situation.

If we are standing up a new www server that hosts a number of different domains, we can't just start nginx with our normal configuration because the certs don't yet exist on the system. We can't get the certs with acme-client because it depends on an nginx or apache config; there's no internal www server it can use like with the python version of letsencrypt.

So what is the best way for us to handle this? Do we have to generate a dummy config for nginx every time we add a new domain and load that up temporarily till we have the initial cert? Is there a better way?

Sorry if this is way out of scope for the issue tracker.

ghost avatar Apr 09 '18 06:04 ghost

@gregf: you can use the dns-01 challenge to get certs for domains without use of nginx/apache.

programingnotes avatar Aug 13 '18 12:08 programingnotes