automatically calling a cdn snapshot sounds problematic, however, rob did some work around delivery service level snapshots but it is not complete. maybe delivery service level snapshots could be automatic?? not sure. something to potentially explore.
jeremy On Tue, May 7, 2019 at 2:28 PM Matthew Jackson <[email protected]> wrote: > Hey all, > > I'm working to add integration with LetsEncrypt to get signed certs > automatically for delivery services. In order to prove that I own the > domain, LetsEncrypt does a DNS challenge and requires that a token from > them is put as a TXT record at "_acme-challenge.domain.com". They verify > that the token is there before returning the certs. > > I'm using Traffic Router to do this "DNS" authentication, but this will > require a Snapshot to be taken in order to update TR. LetsEncrypt doesn't > really allow for a break between the request and the challenge, so this > would all have to be done in a row. One option for this would be to add > the TXT record through the "Static DNS Entries" endpoint, automatically > call the Snapshot, and verify the server was updated before returning to > LetsEncrypt. But I wanted to reach out to get everyone's thoughts / other > ideas before proceeding. > > Any thoughts or ideas? > > Thanks > Matt >
