antevens / letsencrypt-freeipa

Scripts to automate installation, configuration and renewal of LetsEncrypt certificates on FreeIPA Servers.
MIT License

Use third party DNS service #5

Closed Piping closed 5 years ago

Piping commented 6 years ago

Hi,

Is it possible to use this script with other DNS service providers like Namecheap, GoDaddy?

antevens commented 5 years ago

Sorry for the late reply, my GitHub was not set up correctly.

I just added some customizations to a new untested develop branch, including a way to specify an AUTH_HOOK. Assuming you can write a command that updates the records from a bash command line, then yes.
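As an added example (not part of this thread or of the letsencrypt-freeipa repository), here is a sketch of a hook of the kind described above. It assumes the hook is invoked certbot-style with `CERTBOT_DOMAIN` and `CERTBOT_VALIDATION` in the environment and that the DNS provider accepts RFC 2136 updates through `nsupdate`; `NSUPDATE_KEY` is a hypothetical variable naming a TSIG key file.

```sh
#!/bin/sh
# Added example, not code from the letsencrypt-freeipa repository.
# Assumptions: certbot-style CERTBOT_DOMAIN / CERTBOT_VALIDATION variables,
# and a DNS provider that accepts RFC 2136 dynamic updates (nsupdate).

# Print an nsupdate batch that publishes the DNS-01 TXT record.
# Returns 1 and prints nothing on stdout when an input looks malformed, so a
# corrupted or hostile value can never smuggle extra nsupdate commands in.
acme_txt_batch() {
    _dom=${1#\*.}          # a wildcard is validated at the base name
    _tok=$2
    _ttl=${3:-60}

    # Hostname: letters, digits, hyphens and dots only, no empty labels,
    # no label starting or ending with a hyphen, at least one dot.
    case "$_dom" in
        ''|*[!A-Za-z0-9.-]*|.*|*.|*..*|-*|*-|*.-*|*-.*)
            echo "invalid domain" >&2; return 1 ;;
        *.*) ;;
        *)  echo "invalid domain" >&2; return 1 ;;
    esac
    # DNS-01 value: base64url-encoded SHA-256 digest, exactly 43 characters.
    case "$_tok" in
        *[!A-Za-z0-9_-]*) echo "invalid validation value" >&2; return 1 ;;
    esac
    [ "${#_tok}" -eq 43 ] || { echo "invalid validation value" >&2; return 1; }
    case "$_ttl" in
        ''|*[!0-9]*) echo "invalid ttl" >&2; return 1 ;;
    esac

    # Add only, never delete here: a certificate covering both a name and its
    # wildcard needs two TXT values at the same _acme-challenge name.
    printf 'update add _acme-challenge.%s. %s TXT "%s"\n' "$_dom" "$_ttl" "$_tok"
    printf 'send\n'
}

# Act as a hook only when the certbot-style variables are present.
if [ -n "${CERTBOT_DOMAIN:-}" ] && [ -n "${CERTBOT_VALIDATION:-}" ]; then
    _batch=$(acme_txt_batch "$CERTBOT_DOMAIN" "$CERTBOT_VALIDATION") || exit 1
    # NSUPDATE_KEY (hypothetical): path to the TSIG key authorising the update.
    printf '%s\n' "$_batch" | nsupdate -k "${NSUPDATE_KEY:?set NSUPDATE_KEY}"
fi
```

Removing the TXT record after validation belongs in a separate cleanup hook that runs once the certificate has been issued.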

antevens commented 5 years ago

These should be in the master branch. Please test, and if you have issues, re-open this issue.

Piping commented 4 years ago

@antevens Hi, I am looking at the problem again. In the current script, does the DNS server provided by FreeIPA need to be accessible from the public domain (due to how Let's Encrypt verifies DNS records)?

Thanks in advance.

antevens commented 4 years ago

Yes, Let's Encrypt needs to be able to look up the DNS records to verify that you own/control them to issue the certificate. You could also set up other DNS server(s) and replicate the zone, but the information needs to be accessible to the Let's Encrypt servers to look up the validation records.

Piping commented 4 years ago

@antevens Thanks a lot. My major problem is that my DNS and related domain names are local to a private network, and it needs to be kept that way. So when all these certificates are issued by a local CA and users browse the web service using VPN, browsers always have this annoying certificate warning. And I don't have control over users' browsers as well. Currently I use manually installed certificates for web services, but I do hope it is more integrated with FreeIPA.