Wildcard certs with (almost) any DNS host



Also wiki-fied, link above.


Oh man, this how-to is super!

Now with extra wiki goodness.

1 Like

Thinking about this a bit more…

I wrote this up in response to a feature request for built-in support for wildcard certs from Let’s Encrypt. I figured the hard part of that would be automating the required DNS updates (since everyone’s DNS is different), but that acme-dns could be rolled into the Nethserver installation (or built into a module) to greatly simplify the process. But now I have another idea…

Nethesis could host acme-dns itself (perhaps as a subscription benefit). The only thing that would need to be added to the distro then would be:

  • The Python hook script, configured to use Nethesis’ acme-dns instance, and
  • A GUI element to prompt the user to create the appropriate CNAME entries when necessary
  • (optionally) a way to validate that those CNAME entries are in fact created and active on the authoritative nameservers

Could I run acme-dns on NethServer itself?

Maybe as docker container :wink:


Of course–that’s what this write-up documents.

No doubt it could be done that way as well, though it seems to me like an unnecessary complication.

1 Like