Handling T1500, it has been demonstrated clumsy and slow to manually supersede domains in a Let's Encrypt certificate.

D966 started to automate Let's Encrypt certificates for Eglide, could we generalize it to everything, or at least to the most automated services like the Docker PaaS?

The goal is to force a stable certificate path (or get the path into an usable variable) to be able to have coherent nginx (or other software) configuration.