Let’s Encrypt and manual DNS TXT Entry

Started by zimbres, December 22, 2019, 02:32:34 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 22, 2019, 02:32:34 PM Last Edit: December 22, 2019, 03:26:21 PM by zimbres
Would be helpful to have an option for manual entry in my DNS TXT record for validation like its possible to do from command line acme.sh.

In my case I don't have port 80 available due to ISP restrictions and my DNS service has no API.
January 09, 2021, 11:53:21 AM #1
I know this is an old thread but still very valid. I just realized that my ISP is blocking port 80 while trying to setup LetsEncrypt and HAProxy.

I would like to see if there is another way to do this.
March 31, 2021, 03:55:03 PM #2
+1
April 01, 2021, 11:22:19 AM #3
Quote from: cyrus104 on January 09, 2021, 11:53:21 AM
I know this is an old thread but still very valid. I just realized that my ISP is blocking port 80 while trying to setup LetsEncrypt and HAProxy.

I would like to see if there is another way to do this.
Yes with LetsEncrypts DNS Challenge
(Unoffial Community) OPNsense Telegram Group: https://t.me/joinchat/0o9JuLUXRFpiNmJk

PM for paid support
May 27, 2021, 09:32:48 PM #4
In my case, this is the only part where OPNsense lacks behind pfSense's ACME plugin implementation.
As my ISP (which is my domain provider) is not offering the possibility to create manually NS Records I am not able to use OPNsense's "ACME DNS API" which would give me the possibility to automate certificate renewals.

Plus, like OP has already mentioned, I do not have the possibility to use manual TXT entries with OPNsense's ACME implementation.

It drives me nuts that I am not able to jump away completely from pfSense to OPNsense. I have to run an additional virtual pfSense instance just because of certificate newewals. PFsense's ACME plugin is just offering more possibilities which do fit my needs.
Print
Go Up Pages1
User actions