Parliament Hill Computers Ltd

OpenSSL Certificate families


What is a Certificate family

This is a name of my own invention.

I use it to mean a group of web sites that all share the same certificate. This could be because they are really the same web site, eg: www.example.com & example.com, served up via a ServerAlias in the same virtual host; or they could be somehow related and it is simpler to just have one certificate, eg: www.example.com & test.example.com, served up from different virtual hosts.

The important thing is that all of the addresses in the family share the same certificate. To do this, all of the names need to be in the same OpenSSL.cnf file.

Let's Encrypt supports up to 100 addresses in a certificate, i.e. 100 members in a family.
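As an added illustration (not the author's own OpenSSL.cnf), here is a request configuration for the three-member family named above. The file names family.cnf, family.key and family.csr are assumed, and the commands in the comments are the standard openssl invocations for producing and inspecting a request from such a file:

```ini
# family.cnf: added example of an OpenSSL request config for one
# certificate family (not the author's file; the names come from the
# page's examples and the file names are assumed).
#
# Generate the request with (assumed file names):
#   openssl genrsa 4096 > family.key
#   openssl req -new -key family.key -config family.cnf -out family.csr
# Check that every member of the family made it into the request:
#   openssl req -in family.csr -noout -text | grep DNS:

[ req ]
default_bits        = 4096
default_md          = sha256
prompt              = no
distinguished_name  = req_dn
req_extensions      = req_ext

[ req_dn ]
# The CN holds only one name; clients check the subjectAltName list below.
CN = www.example.com

[ req_ext ]
subjectAltName = @family_names

[ family_names ]
# One DNS.n line per member of the family; Let's Encrypt accepts at most 100.
DNS.1 = www.example.com
DNS.2 = example.com
DNS.3 = test.example.com
```

Everything the certificate is meant to cover goes in the subjectAltName list: browsers match the requested host against those DNS entries, so a name that appears only in the CN is not covered. Adding a member to the family means adding a DNS.n line here and requesting a new certificate.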

Let's Encrypt Accounts

The account number is a 4096-bit random number that is generated by my scripts when a family first asks Let's Encrypt to sign a certificate. There is thus a one-to-one relationship between OpenSSL.cnf, certificate family and Let's Encrypt account number.

Yes: it would be possible to have one Let's Encrypt account for several families, but I have done it this way for simplicity. It also means that if you need to move a family to a different machine then it is quite simple — you don't run the account from more than one machine.


Next page: Overview of how phcl_acme works with acme_tiny

Return to How to Configure Let's Encrypt with acme_tiny.py

Return to tutorial home.

If you want any help using the above, or have any comments or suggestions, please contact us.