Yeroc 3 days ago
Last time I checked there's no standardized API/protocol to deal with populating the required TXT records on the DNS side. This is all fine if you've outsourced your DNS services to one of the big players with a supported API, but if you're running your own DNS services then doing automation against that is likely not going to be so easy!
icedchai 3 days ago
I run my own DNS servers (BIND 9.x) and use an rfc2136 plugin to handle TXT records. It works fine. See https://cert-manager.io/docs/configuration/acme/dns01/rfc213...
procaryote 2 days ago
One pretty easy way to do it while running your own DNS is to put the zone files, or some input that you can build to zone files, in version control. There are lots of systems that allow you to set rules for what is required to merge a PR, so if you want "the tests pass, it's a TXT record, the author is whitelisted to change that record" or something, it's very achievable |
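
One way to implement the merge rule described in the comment above (only TXT records change, and only ones the author is allowed to touch), as an added example that is not part of the thread. It assumes one record per line, an SOA serial bumped by the build step rather than in the PR, and a hypothetical ACL mapping authors to owner names; the zone data is constructed.

```python
import difflib
import re

CLASSES = {"IN", "CH", "HS"}
TTL = re.compile(r"(\d+[smhdw]?)+", re.I)  # 300, 1h, 1h30m

def owner_and_type(line):
    """Parse 'owner [ttl] [class] type rdata'; return (owner, type) or None."""
    if line[0].isspace() or line[0] == "$" or "(" in line or ")" in line:
        return None  # inherited owner, $directive or multi-line record: fail closed
    owner, *rest = line.split()
    while rest and (TTL.fullmatch(rest[0]) or rest[0].upper() in CLASSES):
        rest.pop(0)
    return (owner.lower(), rest[0].upper()) if rest else None

def violations(old_zone, new_zone, author, acl):
    """List reasons to block the merge; an empty list means the change is allowed."""
    allowed = acl.get(author, set())
    problems = []
    # ndiff prefixes every entry with a two-character code, so zone content
    # can never be mistaken for a diff header.
    for entry in difflib.ndiff(old_zone.splitlines(), new_zone.splitlines()):
        if entry[:2] not in ("+ ", "- "):
            continue  # unchanged line or ndiff hint line
        line = entry[2:]
        if not line.strip() or line.lstrip().startswith(";"):
            continue  # blank or comment-only change
        parsed = owner_and_type(line)
        if parsed is None:
            problems.append(f"unparseable change: {line!r}")
        elif parsed[1] != "TXT":
            problems.append(f"{parsed[0]}: {parsed[1]} record changed, only TXT allowed")
        elif parsed[0] not in allowed:
            problems.append(f"{parsed[0]}: {author} may not change this record")
    return problems

# Constructed sample zone, ACL and two proposed changes (all names hypothetical).
BASE = """\
@ 3600 IN SOA ns1.example.test. hostmaster.example.test. 1 7200 900 1209600 300
@ 3600 IN NS ns1.example.test.
www 300 IN A 192.0.2.10
_acme-challenge.www 60 IN TXT "old-token"
"""
ACL = {"certbot-ci": {"_acme-challenge.www"}}
GOOD = BASE.replace("old-token", "new-token")    # only the challenge TXT changes
BAD = GOOD.replace("192.0.2.10", "198.51.100.7")  # also repoints the A record
```

In CI the two zone texts would come from the merge base and the PR head, and a non-empty result fails the required check.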