Hi all,
it seems, the dynamic update protocol does not allow things like
_acme-challenge.some-host.some.domain TXT
"tR0VhMRfb4v5WsctEgoD3aWNRJ73n2wqn9hlTPE9pA0"
because there is no zone
some-host.some.domain
However named accepts such constructs, if loaded from text zone file.
The problem is:
- bind requires for dynamic update with
dnssec-update-mode maintain
auto-dnssec maintain
both require dynamic DNS
- letsencrypt requires challenges like the above.
This makes it impossible to create automatic ACME clients with dns-01 challenge.
Does anybody have a workaround?
Thanks, Axel
---
PGP-Key: CDE74120 ☀ computing @ chaos claudius
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
