This adds a new validation method that people can use if they want. The existing validation methods (https://letsencrypt.org/docs/challenge-types/) aren't going away, so your current setup will keep working.

▲

jsheard 4 hours ago | parent | next [-]

And to elaborate, the reasons you might want to use a DNS challenge are to acquire wildcard certificates, or to acquire regular certificates on a machine or domain which isn't directly internet-facing. If neither of those apply to you then the regular HTTP/TLS methods are fine.

▲

newsoftheday 3 hours ago | parent [-]

OK I was sort of thinking that might be the case but wanted to make sure in case I had to start prepping now, thanks. We use no wildcard domains today, maybe down the road.

	▲	bombcar a minute ago \| parent [-]
		Wildcard domains are a great way to get certs for all your "internal systems" with only having to expose one (or a bit of one on DNS) to the Internet at large. This is going to greatly simplify some of my scripts.

▲

newsoftheday 3 hours ago | parent | prev [-]

This is good news, not sure I got that from reading the article but even if I had to do it, it wouldn't be the end of the world I guess.