add full validation of DNS provider needed for

gneisstech / bedrock

Incubating infrastructure as data, code

MIT License

0 stars 0 forks source link

add full validation of DNS provider needed for #19

Closed PaulCharlton closed 3 years ago

PaulCharlton commented 3 years ago

add full validation of DNS provider needed for TLS Certificates

PaulCharlton commented 3 years ago

Certbot/LetsEncrypt require "no failures" when attempting to retrieve CAA records; 1) ensure that we can add a CAA record at the same subdomain as the hosts requested in the configuration files 2) ensure that any higher level subdomains do not return errors when asked for CAA records

PaulCharlton commented 3 years ago

'CAA' record for same host FQDN as the 'A' record solved the issue with LetsEncrypt