[dnsdist] dnsdist and Let's Encrypt (ACME)
bortzmeyer at nic.fr
Sun Sep 15 14:44:43 UTC 2019
On Sun, Sep 15, 2019 at 12:20:46PM +0200,
Andrew Nimmo <andrew.nimmo at gmail.com> wrote
a message of 72 lines which said:
> The acme.sh script has a standalone mode, if you have port 80 open:
Thanks, I forgot about that (and, indeed, port 80 was available).
So I did:
certbot certonly --standalone --domain doh.bortzmeyer.fr
to have the initial certificate.
Then, I configured dnsdist to use
/etc/letsencrypt/live/doh.bortzmeyer.fr/fullchain.pem and then I set
up this for the future renewals:
certbot renew --standalone --deploy-hook /usr/local/sbin/restart-dnsdist
More information about the dnsdist