SSL Certificate Creation and Maintenance Recommendations (SMG)

I have a couple of SMG devices I have been managing for a while.  One services my production domain while another is used for testing on a personal domain.  SSL/TLS has been set up on my Production SMG box and now I am looking to enable TLS/SSL on my test device.  Unfortunately, I don't fully remember how I initially integrated my certs onto the production machine.  It may very well have been by manually establishing a cert pair with a very long expiration period (10 years).

I have also set up SSL on my GMS systems using LetsEncrypt/Certbot but that was not the method with SMG...

In any case...  Anyone have any general recommendations of which processes might integrate most easily with SMG for the creation and maintenance of SSL certs?  I don't want to have to manually remember/request/download/install SSL certs every 90 days.  So before I consider fabricating a set of certs with a very long expiration, I am curious what method other folks have been using..

Thanks in advance!

Ed

  • 0  

    As mentioned in other discussion threads I use a simple small proxy in front of my services running in the background (based on nginx combined with letsencrypt).

    So I have to take care of certificates only at one spot whereas my servers in the background use self signed certificates. If a service needs "local certificates" (i.e. SMG) then these certificates will be shared by my proxy server.

    My proxy server is a simple sles, small disc and only 2 gb ram.


    Use "Verified Answers" if your problem/issue has been solved!