antonputra/tutorials

Letsencrypt WILDCARD Certificate - follow up questions

shalak opened this issue · 1 comments

Thank you for the "How to Get Letsencrypt WILDCARD Certificate?" tutorial! I've got three questions. I hope you don't mind me asking here; for unknown reasons YouTube keeps deleting my comments:

  • What do we need the auth.devopsbyexample.io subdomain for? What purpose does it serve? Does it need to be auth exactly?
  • From what I understand, you're reaching acme-dns only locally, from the same EC2 machine. What if I want to use it elsewhere? I've got several hosts that provide their own acme-clients; is it safe to expose acme-dns to the internet?
  • You're still able to add any subdomain from your Google panel, right? The presence of the acme and auth entries does not conflict with setting, e.g., an A record for home.devopsbyexample.io that would point to your home address?

Sorry for the delay; I didn't get a notification.

  1. auth can be anything; it's a random subdomain for your acme-dns server.
  2. You can have a dedicated machine for acme-dns, and after issuing certificates, you can distribute them among all your servers.
  3. Yes, you just delegate the auth subdomain to answer TXT DNS queries.
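
How the delegation described in the reply plays out, as an added example that is not part of the original thread or the tutorial: a Python check over a constructed record set that shows which names stay with the parent zone (such as home) and which are handed to acme-dns. The IP addresses, the role of the `acme` host as the acme-dns nameserver, and the registration label are assumptions.

```python
# Constructed records for illustration: documentation IPs, placeholder label.
ZONE = "devopsbyexample.io"
RECORDS = [
    ("acme.devopsbyexample.io", "A", "203.0.113.10"),  # assumed acme-dns host
    ("auth.devopsbyexample.io", "NS", "acme.devopsbyexample.io"),  # delegation
    ("_acme-challenge.devopsbyexample.io", "CNAME",
     "registration-placeholder.auth.devopsbyexample.io"),
    ("home.devopsbyexample.io", "A", "198.51.100.7"),  # ordinary record
]

def norm(name):
    return name.rstrip(".").lower()

def is_under(name, zone):
    return norm(name) == norm(zone) or norm(name).endswith("." + norm(zone))

def delegations(records):
    """NS records below the zone apex are delegation cuts: {cut: nameserver}."""
    return {norm(n): norm(v) for n, t, v in records
            if t == "NS" and norm(n) != ZONE}

def answered_by(name, records):
    """Return 'parent', or the nameserver that the deepest matching cut names."""
    cuts = delegations(records)
    hits = [c for c in cuts if is_under(name, c)]
    return cuts[max(hits, key=len)] if hits else "parent"

def audit(records):
    """List misconfigurations in how the zone hands TXT answers to acme-dns."""
    cuts, problems = delegations(records), []
    for name, rtype, value in records:
        if rtype == "NS" or norm(name) in cuts.values():
            continue  # the cut itself, or an address record for its nameserver
        if answered_by(name, records) != "parent":
            problems.append(f"{name}: shadowed by delegation, parent never serves it")
        if rtype == "CNAME" and norm(name).startswith("_acme-challenge."):
            if answered_by(value, records) == "parent":
                problems.append(f"{name}: CNAME target is outside the delegated zone")
    for cut, ns in cuts.items():
        has_addr = any(norm(n) == ns and t in ("A", "AAAA") for n, t, _ in records)
        if is_under(ns, ZONE) and not has_addr:
            problems.append(f"{cut}: nameserver {ns} has no address record")
    return problems

if __name__ == "__main__":
    for host in ("home.devopsbyexample.io", "x.auth.devopsbyexample.io"):
        print(host, "->", answered_by(host, RECORDS))
    print(audit(RECORDS) or "no problems found")
```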