caddyserver / caddy

Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
https://caddyserver.com
Apache License 2.0

Is an email address necessary for the Caddy DNS Challenge? #6124

Closed toyo2333 closed 9 months ago

toyo2333 commented 9 months ago

I tried the challenge yesterday with a Cloudflare DNS API key (using Docker: https://github.com/SlothCroissant/caddy-cloudflaredns), without an email address, and it succeeded.

I am confused about it.

Some articles said a Cloudflare email address is required:

Some articles said the email address is NOT necessary.

When using Cloudflare DNS for the challenge, what is the correct way to configure the email?

Thanks

francislavoie commented 9 months ago

Caddy got a soft-permission from ACME issuers to use a fake email by default when making ACME accounts, so for that reason it's not required at the moment.

But this might change with ZeroSSL soon, it may become required in the coming months https://github.com/caddyserver/caddy/pull/6101 (not providing one would cause Caddy to only use Let's Encrypt and not ZeroSSL). But this isn't finalized yet.

See https://caddyserver.com/docs/caddyfile/options#email. It's recommended to use an email so that ACME issuers can reach out to you if any problem arises with your account, but keep in mind that because of Caddy's relatively unique issuer fallback behaviour, Let's Encrypt might send you emails about cert expiry even though you still have a valid cert from ZeroSSL, because Caddy happened to fall back to switching issuers -- Let's Encrypt doesn't know that, they only know "this cert is expiring without being renewed, so let's tell the user".

Next time, please ask your usage questions on the Caddy community forums. We prefer to keep the GitHub issue board for bugs and feature requests. Don't forget to fill out the thread template so we can help you!