Hi Felix, I use getssl, which is a bash script, for LE certs. For certs on one server I use http, for the other DNS.
The DNS method depends on your DNS provider. Many providers have an API for updating DNS. getssl provides scripts for a small number of popular providers. Acme.sh provides a greater range of DNS provider APIs. I added my own linode dns scripts in preference to those provided by getssl. Linode’s 15 minute DNS update delay has to be accounted for. -- Peter West p...@pbw.id.au “My soul magnifies the Lord…” > On 20 Aug 2017, at 5:20 pm, Felix Zielcke <fziel...@z-51.de> wrote: > > Am Samstag, den 19.08.2017, 21:39 -0400 schrieb KT Walrus: >> >> I use DNS verification for LE certs. Much better since generating >> certs only depends on access to DNS and not your HTTP servers. Cert >> generation is automatic (on a cron job that runs every night looking >> for certs that are within 30 days of expiration). Once set up, it is >> pretty much automatic. I do use Docker to deploy all services for my >> website which also makes things pretty easy to manage. >> >> Kevin > > Hi Kevin, > > what software do you use for DNS based verification? I read with the > official certbot from LE it's not possible to do this fully automated. > Currently I use the http based method, but would like to switch to DNS > based. > > Greetings > Felix
signature.asc
Description: Message signed with OpenPGP