Would I be requesting something silly when I would request (the proper way) the renewed certificate from LetsEncrypt on the Nethserver host to add the CN for the AD container to the requested certificate, and copy it over the AD container’s Samba certificate?
Yes, I think it would be useful. I’d extend the support to the whole Server certificates page (upload, LE, autogenerated cases).
Let’s listen to other opinions!
Letsencrypt does come with a ‘catch all’ option: you can use wildcards for subdomains. Can this be an option to automagicaly renew the cert for NSDC containter too?
I know I have voiced my concerns about this option, but it might come in handy in this situation.
It’s not a subdomain, and shouldn’t be. It’s a different host on the same domain. So the Nethserver’s record should only need an extra host (nsdc-[servername].domain.tld) added to it’s certificate, and copy it over the certs in the container for this to be no longer an issue.