Re: DNS-01 challenge in acme-client

2018-03-02 Thread Consus
On 19:27 Fri 02 Mar, Stuart Henderson wrote: > On 2018-03-01, Consus wrote: > > Let's Encrypt is going to support wildcard certificates soon enough, but > > only through DNS-01 challenge, but acme-client(1) does not support it. > > Have you guys considered implemeting DNS

Re: DNS-01 challenge in acme-client

2018-03-02 Thread Stuart Henderson
On 2018-03-01, Consus wrote: > Let's Encrypt is going to support wildcard certificates soon enough, but > only through DNS-01 challenge, but acme-client(1) does not support it. > Have you guys considered implemeting DNS challenges? Maybe someone is > already working on the

Re: DNS-01 challenge in acme-client

2018-03-02 Thread Consus
On 15:46 Fri 02 Mar, Consus wrote: > On 11:45 Fri 02 Mar, Etienne wrote: > > Well, really, what you're asking for is having acme-client offload the > > complicated stuff (set the TXT records, then check for verification) to a > > script, which to me looks pretty much the same as writing a script

Re: DNS-01 challenge in acme-client

2018-03-02 Thread Consus
On 11:45 Fri 02 Mar, Etienne wrote: > Well, really, what you're asking for is having acme-client offload the > complicated stuff (set the TXT records, then check for verification) to a > script, which to me looks pretty much the same as writing a script to do > everything. I'm not. Writing TXT

Re: DNS-01 challenge in acme-client

2018-03-02 Thread Etienne
On 01/03/18 14:39, Consus wrote: It is more complicated than creating a file in a folder. With a little luck it's not. Both NSD and BIND allow you to include files in zone configuration like this: [...] The only problem here is #3, but it's possible to create e.g. another pledged process

Re: DNS-01 challenge in acme-client

2018-03-01 Thread Consus
On 15:20 Thu 01 Mar, Solène Rapenne wrote: > It is not easy to implement because this requires access to your > DNS server (like nsd or bind) or your registrar admin API which would > require adding plugins for each API. Well... that's why it's called DNS challenge, right? > It is more

Re: DNS-01 challenge in acme-client

2018-03-01 Thread Solène Rapenne
Le 2018-03-01 10:45, Consus a écrit : Hi, Let's Encrypt is going to support wildcard certificates soon enough, but only through DNS-01 challenge, but acme-client(1) does not support it. Have you guys considered implemeting DNS challenges? Maybe someone is already working on the