garage: fix wildcard DNS cert renewal with wildcard CNAME records #245

Merged

teutat3s merged 1 commit from fix-dns-cert-renewal into main

2024-10-24 12:51:41 +00:00

Author	SHA1	Message	Date
teutat3s	9758aeda5d	garage: fix wildcard DNS cert renewal with wildcard All checks were successful Flake checks / Check (pull_request) Successful in 20m13s Details CNAME records By usind wildcard CNAME records, we make lego think it needs to validate challenges using these CNAME records. We actually want regular _acme-challenge.* records, so use a environment variable to avoid CNAME detection. This fixes DNS cert renewal. Still curious? See: https://letsencrypt.org/2019/10/09/onboarding-your-customers-with-lets-encrypt-and-acme/	2024-10-23 20:18:57 +02:00

Author

SHA1

Message

Date

teutat3s

9758aeda5d

garage: fix wildcard DNS cert renewal with wildcard

Flake checks / Check (pull_request) Successful in 20m13s

Details

CNAME records

By usind wildcard CNAME records, we make lego think it needs to validate
challenges using these CNAME records. We actually want regular
_acme-challenge.* records, so use a environment variable to avoid CNAME
detection. This fixes DNS cert renewal. Still curious? See:
https://letsencrypt.org/2019/10/09/onboarding-your-customers-with-lets-encrypt-and-acme/

2024-10-23 20:18:57 +02:00