Poll: We can end DNS provider plugins. Should we?

(Matthew Fay) #21

@ejin, I believe https://certifytheweb.com/ does DNS challenges.

I personally much prefer to have Caddy reverse proxy to my IIS instance, but if you can’t have Caddy, I’ve used Certify SSL Manager in the past and it does the job at least.

(Nothing) #22

@Whitestrake, Thanks, I have tried this tool, it can’t log in to my domain name service provider to automatically create DNS records.
It is not a pleasant thing to maintain one or more SSL certificates every quarter. (There is no such problem in Linux series systems)
So I am currently using a free one-year SSL single domain certificate.

Of course, if I pay, these are not a problem. Can’t blame free software.

(Matthew Fay) #23

Yeah. The list of DNS providers is much shorter than Caddy’s list.

(Nothing) #24

@Whitestrake After using it for a while, I have considered that these automated tools can open an interface to call a third-party exe file or script (the exe file is Windows platform, other platforms use a similar method), so users can use any The language to write this part of the function. You don’t need the author to take care of every DNS service provider, and you don’t need everyone to learn golang to create your own “automatic DNS record creation tool.”

(Matthew Fay) #25

That’s possible.

That said, it’s not a one-step process. The ACME client needs to have the DNS provider perform multiple steps, with some waiting in between. So there needs to be some standard way for Caddy to interact with that third party exe or script. A standard set of features that they must provide. Also, a specific way in which they need to respond to Caddy to let it know they’ve done their job and Caddy can have LetsEncrypt continue the verification process.

Basically, they need to be pretty standardized. Having them as Golang plugins lets us guarantee that - it’s basically the best way to go about it. I’m sure it’s possible, but it’d be very “gung-ho” to just throw a script at it.

1 Like
(Nothing) #26

@Whitestrake Yes, this topic stops, I may have taken up too much layout. Thank you!

(Dan) #27

I’m pretty sure acme.sh can be made to run on Windows, and it has very broad DNS provider support (even broader than Caddy, I believe).