Hi .. FYI.. https://twitter.com/letsencrypt/status/689919523164721152
yes only their production ACME server side.. their official letsencrypt client unfortunately isn't ready AFAIK funny though, several 3rd party Letsencrypt clients already beat the official client to release dns-01 support !
Yeah - I did read that. Letsencrypt will be there soon - I hope.. I for one have been waiting for that info about dns-1. Now I hope the waiting time is snort to get the client.
Yeah i posted the question too on their forums Status of official letsencrypt client's dns-01 challenge support? - Issuance Tech - Let's Encrypt Community Support
Note there's currently issues with certain DNS providers though they need to sort out DNS Challange failed sanity check - Issuance Tech - Let's Encrypt Community Support and from Fix dns01 authority check by r0ro · Pull Request #1398 · letsencrypt/boulder · GitHub and DNS challenge sanity check fails on empty authority · Issue #1391 · letsencrypt/boulder · GitHub
For us with own dns server, that should not give any issues? - I have not tested it yet on my end. I mean - if you have your own, then you will give back authority section requested, right?
@eva2000 - Have you seen this client - lukas2511/letsencrypt.sh: letsencrypt/acme ... - GitHub He wrote:
Yeah seen that was keeping an eye. The whole reason I want to stick with official letsencrypt client as I was expecting development, features will usually come first in official client and any updates, bug fixes will be first there too. But seems official client is lagging behind. With that said, once official client has dns-01 support, any major changes to how it works should in theory be first available in official client. But really sure that would be the case. Right now Centmin Mod integration will still use the official letsencrypt client though.
No - My intention was not to make you change client in LEx branch - it was more to give you the technical explanation on how it could be done with dns-1.. I did post because you ask for documentation on the letsencrypt community..
cheers.. yeah another 3rd party client i am keeping an eye on is Neilpang/le: Simplest shell script for LetsEncrypt free Certificate client which also as dns-01 support
What a nice job Nielpang have done - look at this - now easy can it be?? Code: You will get the output like bellow: Add the following txt record: Domain:_acme-challenge.aa.com Txt value:9ihDbjYfTExAYeDs4DBUeuTo18KBzwvTEjUnSwd32-c Add the following txt record: Domain:_acme-challenge.www.aa.com Txt value:9ihDbjxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx although I would like it to be fully automatic ..
Well fully automatic can only happen if your dns provide has an API you can connect to i.e. Cloudflare, DNSMadeEasy and I believe Amazon Route53 have APIs. I will be testing on Cloudflare DNS API myself