• lemmyvore@feddit.nl
    link
    fedilink
    English
    arrow-up
    1
    ·
    9 months ago

    The alternative is to offer the Let’s Encrypt bot access to your DNS service, typically in the form of an API token which you revoke after the bot verifies the domain. Access to the API is not needed for subsequent cert refreshes, only the first time.

    The bot (or the proxy you use) needs to support the API of the DNS you use, naturally, but they support a wide variety of the most well-known ones.