Comment by telotortium

Comment by telotortium a year ago

8 replies

View on Hacker News

Speaking of the topic of automation, does anyone know of a domain registry that is suitable for issuing Let's Encrypt certificates for a machine behind a firewall (which requires using the DNS challenge)? I currently use Namecheap, but they started requiring you to manually whitelist the client IP address to use their API, which is annoying when your residential ISP changes your IP address.

Edit: seems like using Cloudflare as the DNS host is the way to go here. Thanks everyone!

jchw a year ago

If you are not allergic to Cloudflare, they work very well with the DNS-01 challenge and they provide both registrar services as well as DNS. Of course, you can use Namecheap domains with Cloudflare or any other DNS provider and that should solve your problem too.

Reply View 0 replies
jhart99 a year ago

Cloudflare has worked quite well for me as a DNS host. You don't need to have the registrar host the DNS records.

Reply View 0 replies
throw0101c a year ago

> Speaking of the topic of automation, does anyone know of a domain registry that is suitable for issuing Let's Encrypt certificates for a machine behind a firewall (which requires using the DNS challenge)?

Here's a utility (and library) that can talk to several dozen APIs for DNS updates (use it as a hook in your ACME client):

* https://github.com/dns-lexicon/dns-lexicon

* Previously at: https://github.com/AnalogJ/lexicon

Reply View 0 replies
birdman3131 a year ago

Digital ocean can be used as name servers without paying and they have an API. No clue how compatible.

Reply View 1 reply
  • coffee-- a year ago

    I use Digital Ocean via Caddy and acme.sh with no problems

    Reply View 0 replies
bruce511 a year ago

I use DNSimple.com - it's working well, and has a stable API that can let you do anything.

Reply View 0 replies