FWIW, I use CNAMEs like that. (I don't use acme-dns. And I have only myself to blame if I set up a really long domain name and break my own code.)
$ dig +short _acme-challenge.www.mn9.us txt
www.mn9.us.acme-challenge.mattnordhoff.net.
Let's Encrypt doesn't prevent you from doing anything, as long as it resolves. (And as long as you don't figure out a way to violate the subscriber agreement!)
jvanasco:
The max count for a FQDN in DNS is roughly 253 characters (it’s a little more complex due to the RFC really being about octets and labels and how things are counted, but let’s assume it’s 253 ASCII characters). I don’t have a problem locking things down to a subset that big - the target audience for this tool is not likely to exceed 50 chars. The dns zones can run on 4+2 and 4+3 character domains too, to further minimize.
1 Like
