Deploying individual ACME clients on many clients makes maintenance and troubleshooting of individual certificate renewal failures troublesome and error prone. As an idea for a solution, I would like to combine parts of Certhub (https://certhub.io/) and SaltStack to make for a central solution which can be deployed in an organization. The solution should allow for domains to use different ACME servers if needed.
Goal for this Hackweek
Configure test setup with one controller and one TLS client and write initial Salt states.
It would be nice to integrate monitoring as well. Maybe someone has an idea about combining the setup with https://www.zabbix.com/de/integrations/ssl.
This project is one of its kind!