[Pdns-users] Web API for dns-01 challenge (_acme-challenge subdomains)

Dominik Menke dom at digineo.de
Mon Jul 8 13:33:38 UTC 2019

Hi Kevin,

the lua-dnsupdate-policy-script sound like something I can use. Thanks 
for the pointer.

Kind Regards,
Dominik Menke

On 7/8/19 12:18 PM, Kevin P. Fleming wrote:
> It is not necessary to use the web/API server for DNS-01 challenges; I
> use them all the time and don't have either of those enabled. DNS-01
> can use a variety of protocols for adding/removing the necessary TXT
> records, and if you choose the RFC2136 protocol you can communicate
> directly with the pdns auth primary server and use its built-in
> controls to restrict updating in various ways. If you need more
> flexibility in restricting updates you can add a Lua script which
> validates the incoming requests.
> On Mon, Jul 8, 2019 at 5:43 AM Dominik Menke <dom at digineo.de> wrote:
>> [stuff]

More information about the Pdns-users mailing list