[buug] letsencrypt

Wojciech Adam Koszek wkoszek at freebsd.czest.pl
Tue May 2 13:50:17 PDT 2017


If you are willing to switch to acme.sh client, it can do a DNS based validation. You pass it a hook to a script which will make DNS zone changes via API. It comes with many ready to use hooks-scripts. You must provide API secret only.

If not that, I've used Python -m SimpleHTTPServer 80 to accomplish the same with the original client. So basically I start a simple Python http server and kill it right after verification


Sent from my iPhone

> On May 2, 2017, at 12:16 PM, Ian Zimmerman <itz at primate.net> wrote:
> Is the a way to get a letsencrypt ceritificate without an already
> functional httpd?  AFAIK all the packaged solutions like dehydrated
> require that (even if the dehydrated package does not depend on the
> httpd package).
> I control the DNS for the domain in question.
> -- 
> Please *no* private Cc: on mailing lists and newsgroups
> Personal signed mail: please _encrypt_ and sign
> Don't clear-text sign:
> http://primate.net/~itz/blog/the-problem-with-gpg-signatures.html
> _______________________________________________
> buug mailing list
> buug at buug.org
> http://buug.org/cgi-bin/mailman/listinfo/buug

More information about the buug mailing list