Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement other TLS certificate deployments #51

Open
3 tasks
daringer opened this issue Jul 6, 2021 · 5 comments
Open
3 tasks

Implement other TLS certificate deployments #51

daringer opened this issue Jul 6, 2021 · 5 comments
Labels
enhancement New feature or request low-prio currently a low priority item remote-access (dynamic) DNS, TLS and networking

Comments

@daringer
Copy link
Collaborator

daringer commented Jul 6, 2021

  • allow enabling TLS with own certificate
  • allow DNS TXT record validation instead of web-challenge (might be covered by the own cert already?)
  • allow using arbitrary "static domain" to allow LAN only arbitrary hostnames
@daringer daringer changed the title Allow using own TLS certificate Implement other TLS certificate deployments Jul 10, 2021
@fire
Copy link

fire commented Jul 10, 2021

Is there anything I can do to increase priority for DNS TXT record validation?

@daringer
Copy link
Collaborator Author

Low-prio means "not planned for the next major" release (1.1), we can clearly consider this for 1.2 then.
Further you could check: https://support.nitrokey.com/t/nextbox-herunterfahren-und-zertifikate/3199 (even if in German) it describes roughly how to set up an own certificate, this might be a workaround for you until then

@fire
Copy link

fire commented Jul 11, 2021

Ah, I'll check back in two weeks.

I don't understand German. I don't know how to read that page.

@daringer
Copy link
Collaborator Author

There are various possibilities to translate to english, inside chrom-ish browsers just a right click and "translate to english" or you could use one of the various web-translators.

daringer referenced this issue in Nitrokey/nextbox-daemon Nov 14, 2021
@daringer
extract expiry from certbot output #20
7ba51c9
@daringer daringer transferred this issue from Nitrokey/nextbox-daemon Jan 14, 2022
@daringer
Copy link
Collaborator Author

this is partly solved by the current approach for "guided dns configuration", acquiring a certificate works using a DNS-verification.

@daringer daringer added enhancement New feature or request low-prio currently a low priority item remote-access (dynamic) DNS, TLS and networking labels Jan 17, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request low-prio currently a low priority item remote-access (dynamic) DNS, TLS and networking
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@fire @daringer