Create only one certificate per domain for multiple routes with same domain

[mguillem]

According to the log (and my understanding of the code), it seems that a new certificate is requested for each route, even if the host name is the same. This is a problem due to the rate limit of letsencrypt.

In our case, multiple routes are used to map different services to sub paths.

[ibotty]

Yes, that's right. Any idea how an api should look like? I prefer being explicit which domains to combine.

[ibotty]

Oh, you mean routes with paths. Yeah, that's a bug, I introduced when going from secrets to just storing the certificates in the route.

[mguillem]

What was the motivation for moving away from the secrets?

[ibotty]

It did not work for some people, I guess because of bugs in openshift. Additionally, having the certificates in two places (the route and a secret) is not nice. I really do hope, that routes when they get rebased on top of ingresses additionally have a way to reference a secret.

[ibotty]

I don't have much time now, can you please test the path-routes branch? It should fix that part (and lay the foundation of grouping certificates).

[ibotty]

Did you have a chance to test the branch?