Y
Hacker News
new
|
ask
|
show
|
jobs
by
kuschku
2381 days ago
You can even just set NS records for _acme-challenge subdomain to your own DNS server.
And then have your acme client auth against that one.
No need for a new domain.
1 comments
tyingq
2380 days ago
True, though running your own DNS server or paying for another DNS provider may be similar in effort or expense...as compared to a throwaway cheap TLD domain that comes with DNS.
link
kuschku
2380 days ago
As it's a DNS server that only ever serves certificate validation requests, and doesn't need 100% uptime, a normal simple BIND or knot is good enough.
link
namibj
2380 days ago
I'd expect it to be built in to certbot like serverauth.
link