My main domain is main.com, but I don`t want to configure API on it due to some security problems.
Can I use another domain ValidationOnly.com with API configuration, and set a CNAME recode, just like _acme-challenge.example.com IN CNAME _acme-challenge.ValidationOnly.com.
to issue a cert with caddy?
Yep! This is called ACME challenge delegation. The DuckDNS plugin has built-in support for it:
Thanks for your sharing, but I found some compatibility problems between the DuckDNS plugin and zerossl, I will create a new topic to solve it.
For reference, said followup topic:
This topic was automatically closed after 30 days. New replies are no longer allowed.