DNS provider support

(Nothing) #1

supplement:
I did not find tools or scripts for the Windows platform that can register and renew through the DNS challenge. Caddy may be the only one.

2019-05-13 UTC+0000 06:09 update
A DNS record needs to be created automatically during this process.

(Matthew Fay) #2

@ejin, I believe https://certifytheweb.com/ does DNS challenges.

I personally much prefer to have Caddy reverse proxy to my IIS instance, but if you can’t have Caddy, I’ve used Certify SSL Manager in the past and it does the job at least.

(Nothing) #3

@Whitestrake, Thanks, I have tried this tool, it can’t log in to my domain name service provider to automatically create DNS records.
It is not a pleasant thing to maintain one or more SSL certificates every quarter. (There is no such problem in Linux series systems)
So I am currently using a free one-year SSL single domain certificate.

Of course, if I pay, these are not a problem. Can’t blame free software.

(Matthew Fay) #4

Yeah. The list of DNS providers is much shorter than Caddy’s list.

(Nothing) #5

@Whitestrake After using it for a while, I have considered that these automated tools could open an interface to call a third-party exe file or script (an exe file on the Windows platform; other platforms use a similar method), so users can use any language to write this part of the function. You don’t need the author to take care of every DNS service provider, and you don’t need everyone to learn Golang to create their own “automatic DNS record creation tool.”

(Matthew Fay) #6

That’s possible.

That said, it’s not a one-step process. The ACME client needs to have the DNS provider perform multiple steps, with some waiting in between. So there needs to be some standard way for Caddy to interact with that third party exe or script. A standard set of features that they must provide. Also, a specific way in which they need to respond to Caddy to let it know they’ve done their job and Caddy can have LetsEncrypt continue the verification process.

Basically, they need to be pretty standardized. Having them as Golang plugins lets us guarantee that - it’s basically the best way to go about it. I’m sure it’s possible, but it’d be very “gung-ho” to just throw a script at it.

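
The multi-step sequence post #6 describes (publish the record, wait, then let the CA verify, then clean up), as an added Go example that is not from the thread or from Caddy's code. `Provider`, `Solve` and `fakeDNS` are hypothetical names, and the in-memory DNS with its lookup lag is constructed for the demo.

```go
package main

import (
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"time"
)

// Provider is a hypothetical contract every DNS helper (plugin or script wrapper) must meet.
type Provider interface {
	Present(fqdn, value string) error // create the TXT record
	CleanUp(fqdn, value string) error // remove it again
}

// TXTValue derives the DNS-01 record content from the key authorization (RFC 8555, 8.4).
func TXTValue(keyAuth string) string {
	sum := sha256.Sum256([]byte(keyAuth))
	return base64.RawURLEncoding.EncodeToString(sum[:])
}

// Solve publishes the record, polls until it is visible, then lets the CA validate.
func Solve(p Provider, domain, keyAuth string, visible func(fqdn, value string) bool, validate func() error, attempts int) error {
	fqdn, value := "_acme-challenge."+domain+".", TXTValue(keyAuth)
	if err := p.Present(fqdn, value); err != nil {
		return fmt.Errorf("present: %w", err)
	}
	defer p.CleanUp(fqdn, value) // remove the record on success and on failure
	for i := 0; i < attempts; i++ {
		if visible(fqdn, value) {
			return validate() // only now is the CA asked to check
		}
		time.Sleep(10 * time.Millisecond) // demo interval; real propagation takes far longer
	}
	return fmt.Errorf("%s never became visible", fqdn)
}

// fakeDNS is a constructed in-memory provider; a record shows up after lag lookups.
type fakeDNS struct {
	records map[string]string
	lag     int
}
func (f *fakeDNS) Present(fqdn, value string) error { f.records[fqdn] = value; return nil }
func (f *fakeDNS) CleanUp(fqdn, value string) error { delete(f.records, fqdn); return nil }
func (f *fakeDNS) Visible(fqdn, value string) bool  { f.lag--; return f.lag < 0 && f.records[fqdn] == value }

func main() {
	dns := &fakeDNS{records: map[string]string{}, lag: 2}
	fmt.Println(Solve(dns, "example.com", "token.thumbprint", dns.Visible, func() error { return nil }, 5))
}
```

Whatever stands behind `Present` and `CleanUp` (a compiled plugin or an external script) has to report success or failure per step, because the client must not ask the CA to validate before the record is visible.
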
(Nothing) #7

@Whitestrake Yes, this topic stops, I may have taken up too much layout. Thank you!

(Dan) #8

I’m pretty sure acme.sh can be made to run on Windows, and it has very broad DNS provider support (even broader than Caddy, I believe).

(Nothing) #10

I guess it’s a shell script; is it running in WSL? (WSL = Windows Subsystem for Linux)
If the answer is yes.
Some of my machines run Windows 7, Windows 2008 R2, Windows 2012 R2, Windows 2016, Windows 10 operating systems. WSL is not universal.
So I hope that you are not talking about WSL, but after some recent crazy exploration, I found that acme.sh can run on Git Bash.
If acme.sh has a better way to run on a Windows system, I would like to know more, can you disclose more information? Thank you!

(Dan) #11

From the issue below, it looks like either WSL or Cygwin would be solutions that would let acme.sh run under Windows.

(Nothing) #12

Thank you very much.