<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><br><div dir="ltr">On 15 Sep 2019, at 10:40, Stephane Bortzmeyer <<a href="mailto:bortzmeyer@nic.fr">bortzmeyer@nic.fr</a>> wrote:<br><br></div><blockquote type="cite"><div dir="ltr"><span>[I believe I've checked the available documentation, and found</span><br><span>nothing. Sorry, if I missed it.]</span><br><span></span><br><span>My dnsdist setup (DoT and DoH) uses a CAcert certificate and it works</span><br><span>fine. Now, I would like to move to Let's Encrypt but I do not see how</span><br><span>to make it work from dnsdist.</span><br><span></span><br><span>HTTP challenges? I don't think there is an ACME client in dnsdist.</span><br><span></span><br><span>DNS challenges? I don't really want to switch my zones to a dynamic</span><br><span>setup.</span><br><span></span><br><span>Is there an obvious solution I've missed?</span><br><span>______________________________________________</span><br></div></blockquote><div><br></div>The acme.sh script has a standalone mode, if you have port 80 open:<div><br></div><div><a href="https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert#2-standalone-mode">https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert#2-standalone-mode</a></div><div><br></div><div><br><div>Regards,</div><div><br></div><div>Andrew</div><div><br></div><div><div dir="ltr"><div><span style="background-color: rgba(255, 255, 255, 0);">----</span></div><span style="background-color: rgba(255, 255, 255, 0);">Dr Andrew Nimmo</span><div><span style="background-color: rgba(255, 255, 255, 0);"><br></span></div><div><span style="background-color: rgba(255, 255, 255, 0);"><a href="mailto:andrew.nimmo@gmail.com">andrew.nimmo@gmail.com</a></span></div><div><br></div></div></div></div></body></html>