Wildcard certs with (almost) any DNS host


(Dan) #1


(Dan) #2

Also wiki-fied, link above.

(Alessio Fattorini) #3

Oh man, this how-to is super!

(Dan) #4

Now with extra wiki goodness.

(Dan) #5

Thinking about this a bit more…

I wrote this up in response to a feature request for built-in support for wildcard certs from Let’s Encrypt. I figured the hard part of that would be automating the required DNS updates (since everyone’s DNS is different), but that acme-dns could be rolled into the Nethserver installation (or built into a module) to greatly simplify the process. But now I have another idea…

Nethesis could host acme-dns itself (perhaps as a subscription benefit). The only thing that would need to be added to the distro then would be:

  • The Python hook script, configured to use Nethesis’ acme-dns instance, and
  • A GUI element to prompt the user to create the appropriate CNAME entries when necessary
  • (optionally) a way to validate that those CNAME entries are in fact created and active on the authoritative nameservers
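One way the CNAME validation in the last bullet could work, as an added example that is not part of the post above and is not code from NethServer or acme-dns. The function names, the injected `query` interface, the nameserver names and the acme-dns target are all assumptions made up for illustration; a real version would have `query` ask each authoritative server directly through a DNS library.

```python
from typing import Callable, Dict, List, Optional

# Assumed interface: query(nameserver, name) returns the CNAME target that this
# one nameserver serves for `name`, or None. A real version would wrap a DNS
# library and ask each server directly, bypassing recursive caches.
Query = Callable[[str, str], Optional[str]]

def norm(name: str) -> str:
    """DNS names compare case-insensitively; ignore the trailing root dot."""
    return name.rstrip(".").lower()

def challenge_name(domain: str) -> str:
    """DNS-01 record name; a wildcard validates at its base domain."""
    d = norm(domain)
    if d.startswith("*."):
        d = d[2:]
    return "_acme-challenge." + d

def check_cname(domain: str, target: str, nameservers: List[str],
                query: Query) -> Dict[str, str]:
    """Per-nameserver status: 'ok', 'missing', 'mismatch: ...' or 'error: ...'."""
    name, status = challenge_name(domain), {}
    for ns in nameservers:
        try:
            answer = query(ns, name)
        except Exception as exc:  # timeout, refused, lame delegation
            status[ns] = f"error: {exc}"
            continue
        if answer is None:
            status[ns] = "missing"
        elif norm(answer) == norm(target):
            status[ns] = "ok"
        else:
            status[ns] = f"mismatch: {norm(answer)}"
    return status

def delegation_ready(status: Dict[str, str]) -> bool:
    """Safe to request a certificate only when every nameserver agrees."""
    return bool(status) and all(s == "ok" for s in status.values())

# Constructed sample data: ns2 has not picked up the new record yet.
SAMPLE = {
    "ns1.example.net": {"_acme-challenge.example.com": "d420c923.auth.example.org."},
    "ns2.example.net": {},
}

def sample_query(ns: str, name: str) -> Optional[str]:
    return SAMPLE[ns].get(name)

if __name__ == "__main__":
    print(check_cname("*.example.com", "D420C923.auth.example.org", list(SAMPLE), sample_query))
```

Checking every authoritative server, rather than one recursive resolver, catches the case where a secondary is still serving the old zone and the CA happens to query it.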

(Davide Principi) #6

Could I run acme-dns on NethServer itself?

Maybe as a Docker container :wink:


(Dan) #7

Of course–that’s what this write-up documents.

No doubt it could be done that way as well, though it seems to me like an unnecessary complication.