Ability to setup separate certificates for DoH, DoT, DoQ

[savely-krasovsky]

Prerequisites

• I have checked the Wiki and Discussions and found no answer

• I have searched other issues and found no duplicates

• I want to request a feature or enhancement and not ask a question

Description

What problem are you trying to solve?

Currently I know only one CA which issues SSL certificates for IPs, it's ZeroSSL. But in their free tier they issue one cert for the exactly one IP/domain, so I can't issue single certificate for both DoH and DoT.

Proposed solution

Add ability to choose separate certificates for DoH, DoT and probably DoQ. AFAIK it will allow to use DDR.

Alternatives considered

Buy ZeroSSL 50$ per month tier and create cert with IP, domain and wildcard domain to complete fulfill our needs with one certificate.

Additional information

[fernvenue]

But in their free tier they issue one cert for the exactly one IP/domain, so I can't issue single certificate for both DoH and DoT.

May I ask why you can't use single certificate for both DoH and Dot? They are just working on different ports.

[savely-krasovsky]

May I ask why you can't use single certificate for both DoH and Dot? They are just working on different ports.

By certificate for IP I mean something like https://1.1.1.1 where Cloudflare issued a cert with SAN=IP:1.1.1.1

It allows to use DDR standard.

[ainar-g]

Merging into #741.