-
Welcome
How do you use lego?Docker image Detailed DescriptionProblem descriptionMy domain name resolution service uses Huawei Cloud. lego does not support Huawei Cloud DNS now, but I want to use lego to obtain and manage Let's Encrypt certificates. When I was looking for Let's Encrypt documents, I noticed that Let's Encrypt's DNS-01 challenge allows the use of other DNS services. I want to host Solved requirements
Expected methodHuawei Cloud hosts the domain names
I don't know if my idea can be realized. Reference Documents
|
Beta Was this translation helpful? Give feedback.
Replies: 4 comments 2 replies
-
Hello, By default, lego already follows CNAME. You can read the Let's Encrypt articles about that: https://letsencrypt.org/2019/10/09/onboarding-your-customers-with-lets-encrypt-and-acme.html#the-advantages-of-a-cname About Huawei Cloud support, you can follow issue #1543. |
Beta Was this translation helpful? Give feedback.
-
I did not find this implementation method in the lego document. The lego document has instructions for using the Alibaba Cloud API. The code is as follows:
According to my problem description, it should be modified as follows:
How can I tell lego to add TXT records to |
Beta Was this translation helpful? Give feedback.
-
You should use a dedicated domain (ex:
You should create a CNAME on You should create a CNAME on You should create a CNAME on As explain in the article: https://letsencrypt.org/2019/10/09/onboarding-your-customers-with-lets-encrypt-and-acme.html#the-advantages-of-a-cname |
Beta Was this translation helpful? Give feedback.
-
@ldez lego can now handle the issues I raised. Subdomain issues required for Let's Encrypt DNS verificationLet's Encrypt can use Run lego with docker-composedocker-compose.yamlversion: '3'
services:
lego:
image: goacme/lego
restart: always
container_name: lego
working_dir: /home/www/letsencrypt
environment:
- LEGO_ACCOUNT_EMAIL=xxx@gmail.com
- LEGO_CERT_DOMAIN=cft12.eu.org,*.cfty12.eu.org,4837be12.eu.org,*.4837be12.eu.org,876312.xyz,*.876312.xyz
- LEGO_CERT_PATH=/home/www/letsencrypt/lego.crt
- LEGO_CERT_KEY_PATH=/home/www/letsencrypt/lego.key
- LEGO_CERT_PEM_PATH=/home/www/letsencrypt/lego.pem
- ALICLOUD_ACCESS_KEY=LTAI5tBE1zzzz
- ALICLOUD_SECRET_KEY=lGjRXdPFbuneFzzzz
volumes:
- /home/www/lego/letsencrypt:/home/www/letsencrypt LEGO_ACCOUNT_EMAIL, LEGO_CERT_DOMAIN, LEGO_CERT_PATH, LEGO_CERT_KEY_PATH, LEGO_CERT_PEM_PATH, these variables are invalid. I thought that I could apply for a certificate by directly running Domain name introduction
CNAME configuration
This method can be used to apply for a wildcard certificate.
You can also apply for a wildcard certificate in this way. Run logApply for a single domain wildcard certificate
Apply for a multi-domain wildcard certificate, subdomain is `_acme-challenge.letsencrypt`
Apply for a multi-domain wildcard certificate, subdomain is `all.letsencrypt`
|
Beta Was this translation helpful? Give feedback.
@ldez lego can now handle the issues I raised.
Subdomain issues required for Let's Encrypt DNS verification
Let's Encrypt can use
_acme-challenge.example.com
for verification, as well as_acme-challenge.letsencrypt.example.com
andall.letsencrypt.example.com
for verification. There are no special requirements for subdomains. Both_acme-challenge.letsencrypt
andall.letsencrypt
subdomains successfully obtained wildcard certificates.Run lego with docker-compose
docker-compose.yaml