Create TXT entry to generate ACME certs

cisagov / cool-dns-cyber.dhs.gov

Terraform configuration to create and populate the cyber.dhs.gov zone.

Creative Commons Zero v1.0 Universal

3 stars 9 forks source link

Create TXT entry to generate ACME certs #94

Closed cduhn17 closed 9 months ago

cduhn17 commented 9 months ago

🗣 Description

We need to update the TXT record for the DNS to create a certificate for Let'sEncrypt. terraform-docs has been run.

Add/Update the api.cyber.dhs.gov TXT, also had to add the TXT record for crossfeed.cyber.dhs.gov

💭 Motivation and context

There are no existing ACME certs and these certs will be put in place of current certs

🧪 Testing

Ran terraform-docs to see if any changes were made to the docs

✅ Pre-approval checklist

[x] This PR has an informative and human-readable title.
[x] Changes are limited to a single goal - eschew scope creep!
[x] All relevant type-of-change labels have been added.
[x] I have read the CONTRIBUTING document.
[x] These code changes follow cisagov code standards.
[x] All relevant repo and/or project documentation has been updated to reflect the changes in this PR.
[x] All new and existing tests pass.

jsf9k commented 9 months ago

@cduhn17 - Please note commit a776933, which I created via terraform-docs markdown . run from the repo directory.

Also, these changes have been applied to COOL production, so you can go ahead and verify them.

cduhn17 commented 9 months ago

I'll need an approval for the record name change and will be following with another changes as I have the production crossfeed cert to create after the api.crossfeed cert is complete. I know clunky, but part of the LE cert creation process.

jsf9k commented 9 months ago

@cduhn17 - So do you want me to reapply the code with your two most recent commits?

Also, please make your commit messages more specific in the future. "Update file" doesn't give the reader any idea as to the actual changes contained in the commit.

cduhn17 commented 9 months ago

@jsf9k , Yes please. Ill also be sure to be more descriptive with changes. Thanks

jsf9k commented 9 months ago

@jsf9k , Yes please. Ill also be sure to be more descriptive with changes. Thanks

I just reapplied.

cduhn17 commented 9 months ago

Ok the first one is complete and I have the cert in-hand. Ill be submitting another change for the other record.

cduhn17 commented 9 months ago

@jsf9k , I have added the values that need to be added to proceed with cert generation

jsf9k commented 9 months ago

@jsf9k , I have added the values that need to be added to proceed with cert generation

I reapplied just now.

cduhn17 commented 9 months ago

@jsf9k @dav3r I have the second certificate. Thanks for all of your help.

jsf9k commented 9 months ago

@jsf9k @dav3r I have the second certificate. Thanks for all of your help.

OK, so this PR is good to merge now?