Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

#2128 adding issuewild #1820

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from
Open

#2128 adding issuewild #1820

wants to merge 1 commit into from

Conversation

utkarshsethi
Copy link

The problem

Allow Let's encrypt wildcard subdomain certificates in CAA records #2128

Solution

@alexAubin @tituspijean Just add additional CAA resource records in /src/dns.py lines 141 and 251 (dev-branch) with the "issuewild" tag. It is the same record like the "issue" tag:

;; CAA Records
example.com.	3600	IN	CAA	0 issue     "letsencrypt.org"
example.com.	3600	IN	CAA	0 issuewild "letsencrypt.org"

After that change Let's Encrypt wildcard-certificates can be requested via the DNS-challenge.

YunoHost/issues#2128 (comment)

PR Status

...

How to test

...

@utkarshsethi utkarshsethi mentioned this pull request Apr 28, 2024
Open
@utkarshsethi
Copy link
Author

#2089

@tituspijean
Copy link
Contributor

In my opinion we should, before merging, have a setting to declare that all subdomains of a domain will be handled by that same YunoHost server (a fortiori and more technically correct, to declare that the subdomains certificates will be delivered by Let's Encrypt).

I see many use cases on the forum where users use the same main domain for multiple servers, not all running YunoHost.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@utkarshsethi @tituspijean