I already use certbot with my DNS provider, so it should generally be supported. And indeed, O found the docs, where all supported providers are listed.
I have it setup to use DNS challenges through Cloudflare, but it supports different providers as well. I just add the labels to my docker container and voila, I have TLS
Have you heard of our Lord and Savior, Traefik + ACME issuers?
Let’s Encrypt Expiry Bot just entered the chat.
Does Trafik also allow DNS based challenges with additional certbot plugins, or does it only work by serving a challenge in /.well-known/?
I’ve set up my internal homelab with LE certificates, but if I could get rid of certbot and do this automagically, it’d be nice…
Not all dns providers support acme, I’ve discovered to my recent annoyance. The one I use at work, for instance.
I already use certbot with my DNS provider, so it should generally be supported. And indeed, O found the docs, where all supported providers are listed.
https://doc.traefik.io/traefik/https/acme/#providers
Yeah. For wildcard DNS from letsencrypt, you can’t do HTTP validation, only DNS, which involves creating a TXT record.
Your DNS provider needs to run an ACME server, which runs an API that’ll add the required TXT records on request.
As I understand it.
I have it setup to use DNS challenges through Cloudflare, but it supports different providers as well. I just add the labels to my docker container and voila, I have TLS