letsencrypt_with_dns_challenge_-_i.e._for_non_public_pages_and_wildcard_certificates

Differences

This shows you the differences between two versions of the page.

letsencrypt_with_dns_challenge_-_i.e._for_non_public_pages_and_wildcard_certificates [24.09.2021 13:12] – [bind9 configuration] Pascal Suter
letsencrypt_with_dns_challenge_-_i.e._for_non_public_pages_and_wildcard_certificates [27.09.2022 10:28] (current) – [bind9 configuration] Pascal Suter
Line 17: Line 17:
     file "/etc/bind/db.example.ch";      file "/etc/bind/db.example.ch"; 
     notify yes;      notify yes; 
 +    also-notify { 111.111.111.111; }; # ip of additional DNS server(s)
     update-policy {     update-policy {
         grant letsencrypt.example.ch. name _acme-challenge.example.ch. txt;         grant letsencrypt.example.ch. name _acme-challenge.example.ch. txt;
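Review bot: The new also-notify line only sends NOTIFY messages to the extra server, and nothing in the visible zone block shows that this address is allowed to transfer the zone. Say next to it that a matching allow-transfer entry (ideally keyed with TSIG rather than by IP alone) is required, otherwise the secondary is told about the change but may keep serving stale _acme-challenge data while the CA validates. 111.111.111.111 is also a routable address; a documentation-range placeholder such as 192.0.2.1 would avoid readers pasting a real third-party IP into their configuration.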
Line 61: Line 62:
  
 you should now see your "test123" in the output.  you should now see your "test123" in the output. 
 +
 +now clean up and remove the test entry: 
 +<code>
 +nsupdate -k key.conf -v
 +> server ns1.example.ch
 +> zone example.ch
 +> del _acme-challenge.example.ch.
 +> send
 +> quit
 +</code>
 ===== set up the certbot side ===== ===== set up the certbot side =====
 for certbot we need to create a ''credentials'' file which contains some info and our key. here is an example for our case:  for certbot we need to create a ''credentials'' file which contains some info and our key. here is an example for our case: 
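Review bot: The cleanup command "del _acme-challenge.example.ch." names no record type, so it removes every record at that name instead of only the test entry. The update-policy grant shown in the bind9 hunk is limited to txt, so the example would be clearer and safer written as "del _acme-challenge.example.ch. TXT" (or with the "test123" value appended), which cannot take out anything other than the record the test created. It would also help to add a one-line check after the delete, mirroring the lookup used before it, to confirm the record is gone before moving on to the certbot section.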
  • letsencrypt_with_dns_challenge_-_i.e._for_non_public_pages_and_wildcard_certificates.1632481967.txt.gz
  • Last modified: 24.09.2021 13:12
  • by Pascal Suter