I have a new openBalena server running. I used the “-c” option with the quickstart script and this is working fine. But I noticed that it still generated all the certificates under config/certs as it did without the -c option. Also, I see that the acme certs are mounted and used by haproxy, but the vpn container references the OPENBALENA_VPN_* variables which contain cert info from config/certs.
So, my question is, are the acme certificates sufficient for everything themselves, or are they only used for some things, while the VPN (openvpn) still requires the certs under config/certs? Basically, I would like to know if acme will handle all my certificate renewals for everything, or I will have to renew those certs under config/certs as well?
Thanks
Kevin