letsencrypt_with_dns_challenge_-_i.e._for_non_public_pages_and_wildcard_certificates

Differences

This shows you the differences between two versions of the page.

letsencrypt_with_dns_challenge_-_i.e._for_non_public_pages_and_wildcard_certificates [24.09.2021 13:04] – [bind9 configuration] Pascal Suter
letsencrypt_with_dns_challenge_-_i.e._for_non_public_pages_and_wildcard_certificates [27.09.2022 10:28] (current) – [bind9 configuration] Pascal Suter
Line 17: Line 17:
     file "/etc/bind/db.example.ch";      file "/etc/bind/db.example.ch"; 
     notify yes;      notify yes; 
 +    also-notify { 111.111.111.111; }; # ip of additional DNS server(s)
     update-policy {     update-policy {
         grant letsencrypt.example.ch. name _acme-challenge.example.ch. txt;         grant letsencrypt.example.ch. name _acme-challenge.example.ch. txt;
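Review bot: the added also-notify line tells a secondary at 111.111.111.111 that the zone changed, but nothing in the visible context shows that this server is allowed to pull the zone, so the text should say where the matching allow-transfer (ideally restricted by a TSIG key rather than by IP alone) is configured. It is also worth a sentence noting that the _acme-challenge TXT record now has to reach the additional server(s) before validation, since any authoritative server may be queried, and that 111.111.111.111 is a placeholder; a documentation address such as 192.0.2.1 would make that obvious.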
Line 63: Line 64:
  
 now clean up and remove the test entry:  now clean up and remove the test entry: 
 +<code>
 nsupdate -k key.conf -v nsupdate -k key.conf -v
 > server ns1.example.ch > server ns1.example.ch
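Review bot: the new <code> block wraps the whole interactive session, including the leading "> " prompt characters on "> server ns1.example.ch" and the lines after it, so a reader copying the block gets text that nsupdate will not accept as typed. Either drop the prompt markers inside the block or add a short remark that lines starting with ">" are entered at the nsupdate prompt and only the first line is a shell command.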
Line 69: Line 71:
 > send > send
 > quit > quit
 +</code>
 ===== set up the certbot side ===== ===== set up the certbot side =====
 for certbot we need to create a ''credentials'' file which contains some info and our key. here is an example for our case:  for certbot we need to create a ''credentials'' file which contains some info and our key. here is an example for our case: 
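Review bot: with the </code> tag now closing the cleanup block right above the certbot heading, the paragraph that follows introduces a credentials file that "contains some info and our key" without saying how to protect it. Since that file holds the TSIG secret that can write the _acme-challenge record, the text should state that it must be readable only by the user running certbot (for example mode 600); the same applies to the key.conf used with nsupdate earlier. A blank line between </code> and the heading would also keep the wiki source easier to read.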
  • Last modified: 24.09.2021 13:04
  • by Pascal Suter