Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: spetrillo on May 01, 2024, 07:42:25 PM

Title: Let's Encrypt and Certificate Authority Authorization
Post by: spetrillo on May 01, 2024, 07:42:25 PM
Hello all,

My Plesk server, which sits behind my OPNsense firewall, uses Let's Encrypt for all its website certificates. I would like to enable CAA, so that Let's Encrypt is the on CA that is authorized. Plesk provides a way to do this by enable BIND on the server and setting Let's Encrypt as the trusted CA. Can OPNsense handle this functionality, as I am using Unbound to handle all my DNS functionality.

Thanks,
Steve
Title: Re: Let's Encrypt and Certificate Authority Authorization
Post by: Monviech (Cedrik) on May 01, 2024, 08:35:45 PM
The CAA record has to be made in the authoritative nameserver of the domain.
Title: Re: Let's Encrypt and Certificate Authority Authorization
Post by: spetrillo on May 01, 2024, 08:38:08 PM
So if I use Cloudflare as my authoritative DNS I do it there correct?
Text only | Text with Images