I run an SMTP server for which I would like to generate a certificate.
smtp.mydomain.com only answers on tcp 25 and tcp 587, and there is no way I’m going to open an HTTP server on that machine, even for a temporary domain validation.
Is there any way I could tell certbot to validate my smtp.mydomain.com FQDN on tcp 80 or tcp 443 on a different IP?
I thought it would be nice and elegant to use a DNS record that would look like:
_http._tcp.smtp.mydomain.com IN SRV 0 10 80 <another IP address>
… same for
Would this work? Is there another way?
I’m doing this because I’m already creating and renewing all my certificates for a bunch of domains (which are accessed through HTTP / HTTPS) on a centralized point, and I would like to do the same for non-HTTP(S) services.