[Pdns-users] Is it possible to filter tsig-key dnsupdate access?

Kevin P. Fleming kevin at km6g.us
Thu Apr 28 19:34:04 UTC 2022


There is no existing mechanism to do that.

On Thu, Apr 28, 2022 at 2:32 PM Djerk Geurts via Pdns-users
<pdns-users at mailman.powerdns.com> wrote:
>
> Hi all,
>
> I’m in the process of setting up DNS-01 Let’s Encrypt verification and have generated the tsig-key, added it to the zone as TSIG-ALLOW-DNSUPDATE. But I’d like to restrict the updates to hostname "_acme-challenge" and record type TXT.
>
> Will I have to write a LUA script for this or is there a better way of doing this?
>
> --
> Best regards,
> Djerk Geurts
> m: +44-7535-674620
>
> Maizymoo Ltd
> VAT No: GB192 1529 07
> Registration Number: 6638104 (registered in England and Wales)
>
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/pdns-users


More information about the Pdns-users mailing list