-
-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Syntax or support for specifying multiple DNS providers #1342
Comments
If this isn't supported, a couple of possible approaches:
--dns:example-a.com route53 something to basically say "This mechanism is only for that particular domain" |
+1 That part of lego is quite confusing if used in combination with Terraform ACME Provider. That provider actually allows for multiple providers in DNS challenges, it does configure these properly, but lego seems to only pick one of them. As a workaround, temporarily inverting the order of the DNS challenges does the trick, as it validates the remaining names with the other provider. Here's what the temporary Terraform plan does:
From a user's perspective, I think the right way to choose the provider is by either explicitly specifying the provider of a name or maybe by automatically detecting the authoritative servers of each name (AWS and Cloudflare publish their respective IP ranges). Could we turn this question into a feature improvement? Please let me know if you need additional information on this issue. Thank you. |
I stumbled on this issue by accident as I was looking into a scenario combining octodns/octodns with two DNS providers and allowing ACME requests bypass the octodns pipeline completely. To get this to work I would need lego to be able to write to both DNS providers separately.
As an easy to understand example, look at github.com which uses this pattern and is also the original creator of octodns :)
|
I've opened a pull request hoping to support multiple providers #2028 |
I'd like to be able to specify different upstream providers for different domains, and it isn't clear if this is supported by the client.
i.e. example-a.com uses route53, and example-b.com uses cloudflare
How do I request a cert containing both example-a.com and example-b.com using lego in that scenario?
The text was updated successfully, but these errors were encountered: