LetsEncrypt Wildcards (Ubuntu 18.04): Difference between revisions
Zeile 28: | Zeile 28: | ||
sudo mkdir /opt/certbot | sudo mkdir /opt/certbot | ||
sudo vi /opt/certbot/rfc2136.ini | sudo vi /opt/certbot/rfc2136.ini | ||
</pre> | |||
<pre> | |||
# Target DNS server | |||
dns_rfc2136_server = 127.0.0.1 | |||
# Target DNS port | |||
dns_rfc2136_port = 53 | |||
# TSIG key name | |||
dns_rfc2136_name = keyname. | |||
# TSIG key secret | |||
dns_rfc2136_secret = 4q4wM/2I180UXoMyN4INVhJNi8V9BCV+jMw2mXgZw/CSuxUT8C7NKKFs AmKd7ak51vWKgSl12ib86oQRPkpDjg== | |||
# TSIG key algorithm | |||
dns_rfc2136_algorithm = HMAC-SHA512 | |||
</pre> | </pre> | ||
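Review bot: the added `dns_rfc2136_secret` line puts what looks like a live TSIG secret into a public wiki revision, where it stays in the page history; replace it with an obvious placeholder and rotate the key if it was ever in use. The value also has a space in the middle (`...NKKFs AmKd...`), which looks like a line wrap carried over from the key file, so join the two halves into one base64 string. Because the file holds a credential, follow the `sudo vi /opt/certbot/rfc2136.ini` step with `sudo chmod 600 /opt/certbot/rfc2136.ini`; certbot warns about credentials files that other users can read.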
Revision as of 14 March 2020, 15:24
Still in progress
rfc2136
Installation
sudo apt-get install -y certbot python-certbot-apache python3-certbot-dns-rfc2136
Configuration
PowerDNS
sudo vi /etc/powerdns/pdns.conf
dnsupdate=yes
allow-dnsupdate-from=
Certbot
sudo mkdir /opt/certbot
sudo vi /opt/certbot/rfc2136.ini

# Target DNS server
dns_rfc2136_server = 127.0.0.1
# Target DNS port
dns_rfc2136_port = 53
# TSIG key name
dns_rfc2136_name = keyname.
# TSIG key secret
dns_rfc2136_secret = 4q4wM/2I180UXoMyN4INVhJNi8V9BCV+jMw2mXgZw/CSuxUT8C7NKKFs AmKd7ak51vWKgSl12ib86oQRPkpDjg==
# TSIG key algorithm
dns_rfc2136_algorithm = HMAC-SHA512

certbot certonly \
  --dns-rfc2136 \
  --dns-rfc2136-credentials /opt/certbot/rfc2136.ini \
  -d example.com
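A check that can be run over the rfc2136.ini credentials file before it is handed to certbot, added here as an example and not part of the original wiki page or of certbot. It flags group/world access bits, a TSIG secret that contains whitespace or is not base64, and a key shorter than the digest; the finding names, the SHA-2-only policy and the sample key are assumptions of this example.

```python
import base64
import binascii
import stat

# Assumption of this example: only SHA-2 HMACs pass, key >= digest length.
DIGEST_BYTES = {"HMAC-SHA256": 32, "HMAC-SHA384": 48, "HMAC-SHA512": 64}
REQUIRED = ("dns_rfc2136_server", "dns_rfc2136_name", "dns_rfc2136_secret")
# Constructed sample (not a real key): 64 known bytes, base64 split by a space.
SAMPLE_KEY = base64.b64encode(bytes(range(64))).decode()
SAMPLE = ("dns_rfc2136_server = 127.0.0.1\ndns_rfc2136_name = keyname.\n"
          f"dns_rfc2136_secret = {SAMPLE_KEY[:56]} {SAMPLE_KEY[56:]}\n"
          "dns_rfc2136_algorithm = HMAC-SHA512\n")


def parse_credentials(text):
    """Parse 'key = value' lines, skipping blank lines and # comments."""
    settings = {}
    for line in map(str.strip, text.splitlines()):
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip()
    return settings


def audit(text, mode):
    """Return sorted finding codes for credentials text and its file mode."""
    findings = set()
    if mode & (stat.S_IRWXG | stat.S_IRWXO):  # shared secret: owner-only access
        findings.add("mode-too-open")
    settings = parse_credentials(text)
    findings.update("missing-" + k for k in REQUIRED if not settings.get(k))
    secret = settings.get("dns_rfc2136_secret", "")
    if any(ch.isspace() for ch in secret):
        findings.add("secret-has-whitespace")  # wrapped key pasted as-is
    try:
        raw = base64.b64decode("".join(secret.split()), validate=True)
    except (binascii.Error, ValueError):
        findings.add("secret-not-base64")
        raw = b""
    need = DIGEST_BYTES.get(settings.get("dns_rfc2136_algorithm", "").upper())
    if need is None:
        findings.add("algorithm-missing-or-weak")
    elif raw and len(raw) < need:
        findings.add("secret-shorter-than-digest")
    return sorted(findings)


if __name__ == "__main__":
    print(audit(SAMPLE, 0o644))
```

For a file on disk, pass its contents and `os.stat(path).st_mode` to `audit`.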
Links
https://certbot.eff.org/lets-encrypt/debianbuster-apache
https://certbot-dns-rfc2136.readthedocs.io/en/stable/
Links
https://bbs.archlinux.org/viewtopic.php?id=240847
https://doc.powerdns.com/authoritative/dnsupdate.html
https://wiki.archlinux.org/index.php/Certbot
Docker
To use the certbot/dns-nsone image, run the following command:
sudo docker run -it --rm --name certbot \
  -v "/etc/letsencrypt:/etc/letsencrypt" \
  -v "/var/lib/letsencrypt:/var/lib/letsencrypt" \
  certbot/dns-nsone certonly
Links
https://certbot.eff.org/docs/install.html#running-with-docker
https://hub.docker.com/u/certbot
https://medium.com/faun/docker-letsencrypt-dns-validation-75ba8c08a0d
Back to LetsEncrypt