Hi all,
I have been searching around these forums and am not finding much specific to my needs.
I have a macOS server that I need to get a certificate for. It is running 4D web server.
The server is behind a router/NAT, but ports 80 and 443 are forwarded to it.
The router itself is DHCP with our ISP, so we are using a No-IP dynamic DNS hostname. However, we have a subdomain from our webhost (DreamHost, which manages DNS) pointing to our office router with a CNAME record.
So, to summarize:
www.myDomain.com goes to our DreamHost website.
office.myDomain.com goes to myDomain.No-IP.org.
myDomain.No-IP.org goes to our office router IP.
Given the DNS setup, I have gathered that the http-01 challenge will not work, but the dns-01 challenge will.
Here’s what I’m trying to understand –
Given that I am on macOS, can I follow ANY tutorials or instructions for doing a dns-01 challenge on macOS? Or, are the steps for this process specific to the web server software the macOS system is running? I am NOT using the built-in webserver, so those won’t apply. All 4D does is look for key.pem and cert.pem files in the directory of the database files (which may or may not be the webroot).
I definitely have the ability to add DNS records to DreamHost DNS, and I believe they have an API. I have also considered adding an A record pointing a new subdomain to the office router and skipping No-IP; we’re not prepared to pay $20/month for a static IP, but Comcast IPs don’t often change.
FWIW, this system isn’t going to be a public front-end, just used to look up some XHR data from our website. Because our website already has a certificate, all XHR lookups are required to also be secure.
If anyone can direct me to specific resources, I would be very grateful.