Rancher: Rancher Server Built in Let's Encrypt support.

0) We don't have unlimited time, and haven't gotten to it yet?

1) Customers generally have real certs and/or use a balancer like ELB for termination, and anybody else can fairly easily implement it themselves without involving us.

2) It will have to be optional and off by default to work with airgapped installs, so we still need the self-signed generation that was just added for Swarm/K8s (in 1.0.0 both http://your-rancher:8080/ and https://your-rancher:8080 will work, with https providing a self-signed cert by default).

3) I don't know if/how it would work on a HA setup with several independent hosts needing the same cert/key.

4) I also don't know how widely spread their cert or cross-signed cert is, they mostly talk about browsers but it doesn't do any good if commonly used host OSes can't register because they don't have the root certs.

There's already a great service in the catalog for exactly this. Everything doesn't have to be built in.

Edit: I think i misunderstood you. Sorry.

Good points! I can manage without was just wondering what the reasons / potential issues could be and your arguments make that very clear.