Re: certbot-service wildcard support

all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed

From: "Clément Lassieur" <clement@lassieur.org>
To: Nils Gillmann <ng0@n0.is>
Cc: guix-devel@gnu.org
Subject: Re: certbot-service wildcard support
Date: Sat, 04 Aug 2018 11:34:54 +0200	[thread overview]
Message-ID: <87zhy2iif5.fsf@lassieur.org> (raw)
In-Reply-To: <20180804075904.7iwtojwnntypoaju@abyayala>

Nils Gillmann <ng0@n0.is> writes:

> Hi,
>
> recently letsencrypt added support for wildcard certificates.
>
> Since we concluded that it would be a good idea for Taler to
> just use that instead of roughly 30 - 40 subdomain certificates:
>
> Does our certbot-service support the wildcard functionality?

It doesn't, because it doesn't support DNS challenges.

I tried to add support for DNS challenges, but I stopped because my DNS
provider (Namecheap) doesn't have an API to update DNS records.  (Well,
it does, but the API has access to everything and I can't afford the
security risk.)

The problem with DNS challenges is that there is no universal way to
update the records.  It depends very much on the provider (unless you
host your DNS zone).

I packaged PYTHON-DNS-LEXICON though, it might help if you want to work
in this.

Clément

next prev parent reply	other threads:[~2018-08-04  9:35 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-08-04  7:59 certbot-service wildcard support Nils Gillmann
2018-08-04  9:34 ` Clément Lassieur [this message]
2018-08-04  9:47   ` Nils Gillmann
2018-08-04  9:56     ` Clément Lassieur
2018-08-04 10:08       ` Nils Gillmann
2018-08-04 10:17         ` Clément Lassieur

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87zhy2iif5.fsf@lassieur.org \
    --to=clement@lassieur.org \
    --cc=guix-devel@gnu.org \
    --cc=ng0@n0.is \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.