[buug] letsencrypt
Wojciech Adam Koszek
wkoszek at freebsd.czest.pl
Tue May 2 13:50:17 PDT 2017
Ian
If you are willing to switch to acme.sh client, it can do a DNS based validation. You pass it a hook to a script which will make DNS zone changes via API. It comes with many ready to use hooks-scripts. You must provide API secret only.
If not that, I've used Python -m SimpleHTTPServer 80 to accomplish the same with the original client. So basically I start a simple Python http server and kill it right after verification
Wojciech
Sent from my iPhone
> On May 2, 2017, at 12:16 PM, Ian Zimmerman <itz at primate.net> wrote:
>
> Is the a way to get a letsencrypt ceritificate without an already
> functional httpd? AFAIK all the packaged solutions like dehydrated
> require that (even if the dehydrated package does not depend on the
> httpd package).
>
> I control the DNS for the domain in question.
>
> --
> Please *no* private Cc: on mailing lists and newsgroups
> Personal signed mail: please _encrypt_ and sign
> Don't clear-text sign:
> http://primate.net/~itz/blog/the-problem-with-gpg-signatures.html
> _______________________________________________
> buug mailing list
> buug at buug.org
> http://buug.org/cgi-bin/mailman/listinfo/buug
More information about the buug
mailing list