Humorous solution:
Add test_not_the_valley to all non-prod certificates.
I'll see myself out.
On a more serious note:
Add "testing", "dev", "qa", "internal", or "non-prod" instead. At least those are my goto's for establishing multi-environment separation of configuration data through namespace separation.
It isn't an inherently bad way of going about things as long as you keep it consistent and do your best to automate it.
I prefer to make sure we use a different signing authority, just to be sure. But I didn't give enough context to clue in the reader that that was an option :)
I'll see myself out.
On a more serious note:
Add "testing", "dev", "qa", "internal", or "non-prod" instead. At least those are my goto's for establishing multi-environment separation of configuration data through namespace separation.
It isn't an inherently bad way of going about things as long as you keep it consistent and do your best to automate it.