Is your feature request related to a problem? Please describe
njs-acme currently only supports the HTTP-01 challenge type, which requires that the host be accessible from the Internet on port 80. If you are operating a cluster of NGINX hosts, then you will need to use a shared storage layer for challenge tokens. While this will work just fine for some customers, for others it will not.
The DNS-01 challenge type is the only type that is out-of-band from the web server. It requires that a person or script add a TXT record to a domain for which a certificate is being requested for.
Is your feature request related to a problem? Please describe
njs-acme
currently only supports the HTTP-01 challenge type, which requires that the host be accessible from the Internet on port 80. If you are operating a cluster of NGINX hosts, then you will need to use a shared storage layer for challenge tokens. While this will work just fine for some customers, for others it will not.The DNS-01 challenge type is the only type that is out-of-band from the web server. It requires that a person or script add a TXT record to a domain for which a certificate is being requested for.
Describe the solution you'd like
Either manual or automated DNS record setup.
Describe alternatives you've considered