On 07/10/2022 21:25, Nick Bebout wrote:
DNS validation needs someone (or a DNS plugin for Certbot) to add a DNS record each time the certificate renews (by default Certbot renews 30 days before expiration. This works very well if your DNS provider is supported by one of certbot's plugins, but not as well if you have to update it manually. I'm not sure if there is a way to integrate it into our current DNS setup.Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
For centos.org (and sub-domains) we're also using DNS validation with ACME and it's all automatic : bind supports dynamic zones (and we have a delegated acme.centos.org zone for that reason) : I already mentioned it to Kevin and Mark and pointed to the presentation : so one doesn't have to edit DNS : just let the tool do it for you :)
-- Fabian Arrotin gpg key: 17F3B7A1 | twitter: @arrfab
Attachment:
OpenPGP_0xA25DBAFB17F3B7A1.asc
Description: OpenPGP public key
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
