Feature #16279
closed
- Status changed from New to Rejected
There are way too many variable factors involved for that to be viable. If the upstream ACME project adds something like that, perhaps, but there aren't any providers which could end up that simple. You have to write a custom script to handle the record addition, removal, and so on.
With certbot there is an option: --manual-auth-hook /usr/local/bin/certbot-auth-hook.sh
does acme.sh have a similar option, and if so can it be supported?
If not, i will submit a feature request with acme.sh and see where it goes...
Otherwise it's difficult for those of us not using any of the existing major DNS providers.
It can be just as simple as dyndns, as it's basically the same thing.
ACME when doing a dns challenge uses a static name for a TXT record _acme-challenge.yourdomain.. The authentication script just needs to change the value of that record to the one given by LE.
Several dyndns systems already work like this, you have an existing record and you're specifying a new value for it - doesn't matter what the type of the record is, and it doesn't care if the contents are an IP or an arbitrary string.
Also available in: Atom
PDF
Updated by 
Updated by