Create DNS override TXT records for ACME-02 LE challenge

Started by rodig0, April 08, 2019, 11:44:27 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
April 08, 2019, 11:44:27 AM
Hi,there
UFABET
is it somehow possible to create Unibound DNS override for TXT record? I only see A (AAAA) or MX records override.
Adding custom TXT records locally would be super useful for DNS ACME-02 challenge to generate wildcard LE certificates locally.

Thank in advance.
April 08, 2019, 10:35:50 PM #1
I don't think you quite understand how let's encrypt works. You aren't verifying the TXT records, they verify them through their server *then* sign the certificate. Your client only sees a "OK" or "not OK" response that is coming from them (and the certificate of course).

Otherwise you would generate a *.paypal.com certificate that correctly validates on your end user's browser (rendering the entire PKI useless).

A TXT record override could be useful, but for any other reason other than let's encrypt.
Print
Go Up Pages1
User actions