Support wildcard domains #1
Comments
natemcmaster
added
duplicate
natemcmaster
added
the
help wanted
|
Supporting wildcard domains requires DNS challenges to be used - You need to add a |
|
I think it's still possible to do this, but it would require having a programmatic API for the DNS provider so we can add a DNS record on the fly. I would be open to adding an abstraction into the library, something like |
|
@natemcmaster I wonder if you could just reuse win-acme's code, as it already supports this along with a few DNS providers (acme-dns' API, plus Azure, DreamHost and Route53). I do wonder how tightly coupled it is to Windows though... I assume some of the core code could be reused. |
|
Cross-platform support is a must-have. If someone wants to do the legwork here, I'd be willing to sponsor packages like |
|
How can I add DNS TXT record manually? Is there a way? I have an application that doesnt serve http content. @natemcmaster |
|
@ErcinDedeoglu do you mean you only want to serve HTTPS traffic? If so, this was addressed with #75 and is available as a beta https://www.nuget.org/packages/McMaster.AspNetCore.LetsEncrypt/0.5.0-beta.185 DNS validation is not currently implemented. If you are interested in helping build this, let me know and I can assign this issue to you. |
|
First of all thanks for the great library @natemcmaster. This is awesome solution for all. And saving a lot of time. My enviorement has only 1 ip address and installed IIS server with many websites on it. So only solution for me, txt record on DNS. I can't validate domain ownership with 80 port. I tried beta version as you mentioned. But this is the case and I couldn't solve it. |
|
@ErcinDedeoglu are you exposing Kestrel on port 443 with HTTPS? |
|
@natemcmaster IIS using 443 port for other websites. So I changed web api/signalr port to 8080 with https. |
|
@ErcinDedeoglu - for your IIS websites, you'll need to use a different project (see https://github.com/natemcmaster/LetsEncrypt#aspnet-core-with-iis for an explanation.) For your traffic on port 8080, this project also can't help until this DNS feature is implemented. According to the Let's Encrypt protocol, they will only do HTTP and TLS-ALPN challenge verification on ports 80 and 443, respectively, leaving DNS verification as your only option. The most recent release includes what was the most upvoted features (TLS ALPN and auto-renewal). With those out the door, this is probably the next-most requested feature. I'd be happy to have help implementing, if you're interested. If not, I'll look into it when I get free time (which is scarce...like it is for most parents these days.) |
|
Yes, need this as well. We use AWS Route53 which has an API so we can easily add a TXT record. |
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Please comment if you believe this should remain open, otherwise it will be closed in 14 days. Thank you for your contributions to this project. |
|
Closing because there was no response to the previous comment. |
|
Hi @natemcmaster ! I made a new issue referencing this (#217) |
|
This is more of an ACME question probably, but it seems like an HTTP challenge to |
Update the client usage to support ACME v2 and wildcard domains
The text was updated successfully, but these errors were encountered: