note: letsencrypt-certificates must be renewed every few months. To do this automatically, the CAA record authority must allow that. Asked our domain-owner to allow it, but am not confident that they will agree.
They agree as long as we go with lobid.org and not with a domain of hbz-nrw.de. They also said if no CAA record exist, as it seems to be with lobid.org, the default behaviour is to allow all.
So I shall try this.
acka47
commented
3 years ago
From https://github.com/hbz/lobid/issues/(note: 388#issuecom(note: ment-454036647:
They agree as long as we go with lobid.org and not with a domain of hbz-nrw.de. They also said if no CAA record exist, as it seems to be with lobid.org, the default behaviour is to allow all. So I shall try this.
(This is also a precondition to make solid's authentication mechanism work (resultig from https://github.com/hbz/lobid/issues/358)).