Add support for DNS01 validation using RFC-2136 #92

anothertobi · 2022-06-15T10:31:50Z

Context

To use DNS01 validation with an RFC-2136 compliant nameserver, a secret holding the TSIG key has to be created (see: https://cert-manager.io/docs/configuration/acme/dns01/rfc2136/#configuration-step-2---set-up-cert-manager).
Further, a check like the acme-dns check should be added using nsupdate (see: https://cert-manager.io/docs/configuration/acme/dns01/rfc2136/#using-nsupdate).

Alternatives

Not providing full integration for DNS validation using RFC-2136 in this component

The text was updated successfully, but these errors were encountered:

DebakelOrakel · 2025-02-05T05:58:09Z

RFC-2136 should be possible:

solvers:
  sec_dns01:
    dns01:
      rfc2136:
        nameserver: ns.example.com
        tsigKeyName: cert_manager_key
        tsigAlgorithm: HMACSHA512
        tsigSecretSecretRef:
          name: cert-manager-rfc2136
          key: tsig-key
    selector:
      dnsZones:
        - 'example.com'

anothertobi added the enhancement New feature or request label Jun 15, 2022

anothertobi changed the title ~~Add support for TSIG key secret~~ Add support for DNS01 validation using RFC-2136 Jun 15, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add support for DNS01 validation using RFC-2136 #92

Add support for DNS01 validation using RFC-2136 #92

anothertobi commented Jun 15, 2022 •

edited

Loading

DebakelOrakel commented Feb 5, 2025

Add support for DNS01 validation using RFC-2136 #92

Add support for DNS01 validation using RFC-2136 #92

Comments

anothertobi commented Jun 15, 2022 • edited Loading

Context

Alternatives

DebakelOrakel commented Feb 5, 2025

anothertobi commented Jun 15, 2022 •

edited

Loading