Starting from version 2.2.0, you can configure validation settings to apply for all
host names across all managed renewals (within the scope of a single ACME service, so
--test endpoint will still have different settings than the regular one).
If you want to have a certificate with hosts from domains, with the DNS for each of them hosted at a different provider. It’s not possible to configure that using the regular renewal configuration process, but by setting global validation options for at least of the hosts, it becomes possible.
Another scenario is when you managed multiple renewals with complicated validation settings. While the secret manager already provides a good way to rotate secret credentials like API keys, in some cases it’s also convenient to be able to quickly update non-secret information like paths, user names, subscription identifiers etc. in multiple renewals. Or at least to not have to input all of that information every time.
You can find the validation options in the main menu under
More options.... From the menu
you can add, edit or remove settings. The settings consist of the regular settings that also
apply to a single renewal, plus:
*for a range of any characters and a
?for any single character. For example: the pattern
my.example.com) and the pattern
www.example.com). Note that multiple patterns can be combined by comma seperating them.
The global validation settings are stored in a file called
information is encrypted just like in regular