On Fri, Jul 28, 2017 at 06:01:10PM +0200, Emmanuel Hocdet wrote: > > > Le 28 juil. 2017 à 17:48, Emmanuel Hocdet <m...@gandi.net> a écrit : > > I propose: > > strict_sni is set and generated_cert is not set: default_cert is optional > > (with or without warning?) > > else default_cert is required > > to be exact: > /default_cert/have at least one certificate in bind configuration/
I understood just before this sentence :-) I think it's fine not to have a default_cert if not needed (strict_sni && !generate). I don't know if it complicates anything or not though. Willy
