My domain is: 2590bw.ddns.net (for now)
I ran this command: NA
It produced this output: NA
My web server is (include version): Don’t know.
The operating system my web server runs on is (include version): Linux: Ubuntu 20.04 LTS, other.
My hosting provider, if applicable, is: No-IP (for now)
I can login to a root shell on my machine (yes or no, or I don't know):Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):NA
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Don’t know.
Hi all,
I need general/guidance about how to use LE certificate to encrypt few of my internal resources.
I have a few devices with front-end web server, this includes:
Bitwarden
UPS management
Printers
Blue Iris VMS
Pfsense
Core switch
Unify portal
IP phones
I’m aware of an ACME communication via port 80 and this is my issue; I cannot do port forward.
I have No-IP domains, but I believe it does not support DNS records modifications via API…
If I get new domains from registrar that does support API. Do you think in my case I can use LE certificates successfully?
Thank you.
1 Like
Hello @Overplay7975 , welcome to the Let's Encrypt community.
Here the 3 Challenge Types - Let's Encrypt supported, you mentioned potential issue with Port 80 and referenced DNS Records; so I am guessing the DNS-01 Challenge is what you are thinking of.
Here list some of the DNS providers who easily integrate with Let's Encrypt DNS validation , it is a good place to start.
And here is a list of some of the ACME Client Implementations - Let's Encrypt and there is this list https://acmeclients.com/ too.
It may turn out that there is a better Free ACME CA for you; here is a comparison of some ACME CA Comparison - Posh-ACME
Using Let's Debug the DNS-01 is OK https://letsdebug.net/2590bw.ddns.net/1352376
3 Likes
Actually it is the DNS provider (which may or may not be your domain name registrar or hosting company) that needs the API. DNS providers who easily integrate with Let's Encrypt DNS validation
Very likely; however with your list of devices we will need more knowledgeable Let's Encrypt community volunteers to chime in on different parts.
3 Likes
Ok thank you for the info. I will get back to this later and will ask more/update!
3 Likes
rg305
January 28, 2023, 1:35am
6
You can also redirect the DNS-01
authentication request via CNAMEs.
[check with NO-IP to see if they allow TXT record CNAMEs]
So, in effect, those requests can go anywhere you chose...
You can even host your own DNS server to satisfy them.
You don't need to buy a domain to get a free cert.
5 Likes
system
Closed
February 27, 2023, 1:36am
7
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.