Package localca uses an autocert.Cache to store and generate TLS certificates for domains on demand.
This is kind of powerful, and as such it is limited to only generate certificates as subdomains of a given domain.
The design and implementation of this is kinda stolen from minica.
Manager automatically provisions and caches TLS certificates in a given autocert Cache. If it cannot fetch a certificate on demand, the certificate is dynamically generated with a lifetime of 100 years, which should be good enough.
New creates a new Manager with the given key filename, certificate filename, allowed domain suffix and autocert cache. All given certificates will be created if they don't already exist.