Hello everyone,
A bit of background on how things are configured: I have many local services and am in the process of setting up two local domains, namely local1.publick.com and local2.publick.com. I own the domain name publick.com and manage it through Cloudflare.
Local1 is for the Windows domain and is using Active Directory, while local2 is for the Linux domain and is using RHEL IDM.
Now, as I am also exploring Single Sign-On (SSO) with Keycloak and a few other things, I would like to properly set up SSL for all these subdomains. Can I configure two local certificate authorities? One for local1.public.com and another for local2.publick.com? I would then use these to create certificates for service.local1.publick.com and service.local2.publick.com. Since the AD domain controller and RHEL IDM controller are authoritative for these two domains, can I still integrate two CAs with this setup?
NO. JUST NO. Fucks sake that thing is written in Perl. Instead use https://github.com/FiloSottile/mkcert OR https://github.com/smallstep/certificates
But yes, a wildcard is mostly way to go, less risks and more results.