Zeroth we have to be logged in as `domains`

```bash
daplie whoami
```

First we have to un-hard-code the use of `localhost.daplie.me-certificates` in the `SNICallback` and hard-code `challengeType` to `dns-01`:

```bash
vim /usr/local/lib/node_modules/serve-https/bin/serve-https.js
```

```diff
- if (/.*localhost.*\.daplie\.me/.test(sni.toLowerCase())) {
+ if (false && /.*localhost.*\.daplie\.me/.test(sni.toLowerCase())) {
```

Then we run this:

```
serve-https --email domains@daplie.com --agree-tos --foo-renew --challenge-type dns-01 -d /tmp
```

Then we run `curl-localhosts.sh` (here in the repo), which is pretty much this:

```
curl           https://localhost.daplie.me:8443
curl       https://www.localhost.daplie.me:8443
curl       https://api.localhost.daplie.me:8443
curl    https://assets.localhost.daplie.me:8443
curl     https://cloud.localhost.daplie.me:8443
curl https://api.cloud.localhost.daplie.me:8443

curl https://localhost.foo.daplie.me:8443
curl https://localhost.bar.daplie.me:8443
curl https://localhost.baz.daplie.me:8443

curl https://localhost.alpha.daplie.me:8443
curl https://localhost.beta.daplie.me:8443
curl https://localhost.gamma.daplie.me:8443

curl https://foo.localhost.daplie.me:8443
curl https://bar.localhost.daplie.me:8443
curl https://baz.localhost.daplie.me:8443

curl https://alpha.localhost.daplie.me:8443
curl https://beta.localhost.daplie.me:8443
curl https://gamma.localhost.daplie.me:8443
```

Then we copy

```
rsync -avhHP ~/letsencrypt/etc/live/*localhost*daplie.me ./certs/
```