WingNews logo WingNews
top | item 47065717

(no title)

newsoftheday | 11 days ago

Today I do the following:

/usr/bin/letsencrypt renew -n --agree-tos --email me@example.com --keep-until-expiring

Will I need to change that? Will I need to manually add custom DNS entries to all my domains?

PS To add, compared to dealing with some paid certificate services, LetsEncrypt has been a dream.

discuss

order

dextercd|11 days ago

This adds a new validation method that people can use if they want. The existing validation methods (https://letsencrypt.org/docs/challenge-types/) aren't going away, so your current setup will keep working.

jsheard|11 days ago

And to elaborate, the reasons you might want to use a DNS challenge are to acquire wildcard certificates, or to acquire regular certificates on a machine or domain which isn't directly internet-facing. If neither of those apply to you then the regular HTTP/TLS methods are fine.

newsoftheday|11 days ago

This is good news, not sure I got that from reading the article but even if I had to do it, it wouldn't be the end of the world I guess.