Let's Encrypt SSL for mail.domain.com domain with external DNS

4 posts / 0 new
Topic locked
Last post
#1 Mon, 09/24/2018 - 09:29
qlwik

Let's Encrypt SSL for mail.domain.com domain with external DNS

Hi, I can successfully create Let's Encrypt SSL for domain.com and www.domain.com, while I have an external DNS Server.

Problem is that I can't get it for mail.domain.com or ftp.domain.com domain, because script is adding _acme-challenge.mail.domain.com in DNS and checking if it is there, but I have an external DNS server so it fail with error: mail.domain.com challenge did not pass: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.mail.domain.com

I could add it to external DNS server, but every time it is different value and it fail to create Let's Encrypt SSL.

How can I solve that problem?

Mon, 09/24/2018 - 15:51
adamjedgar

I did some research for you...there are other challlenge options for Letsencrypt other than the DNS-01 one.

There is also HTTP-01 and TLS-SNI-01.

I think if not a webserver (mail), you might need to run certbot in standalone mode for the http and tls methods.

Im no expert, just what i found

AJECreative is the home of $5 webhosting, $15/month VPS servers (1cpu,1gb RAM, 25GB storage)
Centos7, Debian9, or Ubuntu18LTS
Available Control Panels = Centos-Webpanel, Cyberpanel, or Virtualmin

https://ajecreative.com.au

Wed, 09/26/2018 - 19:39
jimdunn

I do this all the time... I have DNS turn on for some of the domains in Virtualmin, some domains have DNS turned off... no matter.

I have external DNS, use the "Let's Encrypt" built into Virtualmin, works every time!!!

Wed, 09/26/2018 - 19:39
jimdunn

I do this all the time... I have DNS turn on for some of the domains in Virtualmin, some domains have DNS turned off... no matter.

I have external DNS, use the "Let's Encrypt" built into Virtualmin, works every time!!!

Topic locked