Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
Arnavion
10 days ago
|
parent
|
context
|
favorite
| on:
Nginx introduces native support for ACME protocol
You can do it with an NS record, ie _acme_challenge.realdomain.com pointing to the DNS server that you can program to serve the challenge response. No need to make a CNAME and involve an additional domain in the middle.
aflukasz
10 days ago
[–]
Yeah, but then you can just as well use http-01 with like same effort.
reply
gruez
10 days ago
|
parent
[–]
no, because dns supports wildcard certificates, unlike http.
reply
cpach
10 days ago
|
root
|
parent
|
next
[–]
dns-01 is also good for services on a private network.
reply
aflukasz
10 days ago
|
root
|
parent
|
prev
[–]
Ah, good point.
reply
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
