PIXILAB Wiki

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
blocks:server:nginx:dns01_challenge [2025-09-17 06:31] – [Outline of the steps involved for DNS-Challange] mattiasblocks:server:nginx:dns01_challenge [2025-09-17 06:50] (current) – [DNS-01 Challenge for renewal of HTTPS certificates] mattias
Line 4: Line 4:
 There are three main ways to prove for the certificate provider that you are the legal owner in control of a domain name. HTTP-01 challenge, DNS-01 challenge, TLS-ALPN-01.  There are three main ways to prove for the certificate provider that you are the legal owner in control of a domain name. HTTP-01 challenge, DNS-01 challenge, TLS-ALPN-01. 
 We will not bother about the TLS-ALPN-01, it has rather specific purposes, HTTP-01 will work if the server is published to the internet, e.g. a cloud server.  We will not bother about the TLS-ALPN-01, it has rather specific purposes, HTTP-01 will work if the server is published to the internet, e.g. a cloud server. 
-To allow for automatic renewal on server that is not exposed to the internet the DNS-01 challenge is useful.  All it need is a dns provider with an api and a cert-bot plug in for Let's Encrypt that can automatically renew the certificates when required.+To allow for automatic renewal on server that is not exposed but can access the internet DNS-01 challenge is useful.  All it need is a dns provider with an api and a cert-bot plug in for Let's Encrypt that can automatically renew the certificates when required.  
 +==== Available plugins ==== 
 +The officical certbot plugins maintained by Certbot can be found [[https://github.com/certbot/certbot|here]]
  
 +3rd party plugins can be found [[https://pypi.org/search/?q=certbot-dns-|here]].
 ====Outline of the steps involved for DNS-Challange==== ====Outline of the steps involved for DNS-Challange====