From a47dba014c80cfa80e7a56e1edeb3d937be08ea9 Mon Sep 17 00:00:00 2001
From: Jacob Rosborg <jacob@rosborg.dk>
Date: Fri, 23 May 2025 14:10:34 +0200
Subject: [PATCH] chore(alt_cert): Note regarding issues when controller dns
 and alt cert overlaps.

---
 docusaurus/docs/guides/deployments/console.mdx | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docusaurus/docs/guides/deployments/console.mdx b/docusaurus/docs/guides/deployments/console.mdx
index 49103015d..eb2df41bd 100644
--- a/docusaurus/docs/guides/deployments/console.mdx
+++ b/docusaurus/docs/guides/deployments/console.mdx
@@ -39,6 +39,10 @@ Before generating an SSL certificate, ensure you have a valid DNS record pointin
 your server. This can be done through your DNS provider’s control panel, dashboard, or directly via a domain
 registrar.
 
+:::note Important note on DNS
+Ensure the DNS record for the Alternative Server Certificate is not the same DNS record used for the controller. This can cause issues when validating JWT tokens on the clients. This may show as `key is of invalid type: RSA verify expects *rsa.PublicKey` when enrolling a router.
+:::
+
 Ensure you wait for DNS propagation to complete before attempting ACME DNS-based challenge.
 
 This may take a few minutes to a few hours, but you can use tools like [Google Admin Toolbox Dig](https://toolbox.googleapps.com/apps/dig/#TXT/)