Even before I clicked on the article, I had a strong feeling this person was using CloudFlare DNS and the related API. (They are.)

Given the immense popularity of Cloudflare DNS + API + ACME DNS-01 challenge, why are not other DNS providers stepping into this foray?

▲

xyzzy_plugh 5 hours ago | parent | next [-]

Perhaps I'm missing something but what's special about Cloudflare here?

You can use a boatload of providers for automated DNS-01.

▲

buckle8017 5 hours ago | parent [-]

There's a relatively short list supported by certbot out of the box.

▲

throw0101a 4 hours ago | parent [-]

One tool that can be used in a deployment hook which supports the API of several dozen DNS providers:

* https://github.com/dns-lexicon/dns-lexicon

	▲	justin_oaks 4 hours ago \| parent [-]
		The list of API integrations provided by the lego project looks quite impressive. https://go-acme.github.io/lego/dns/index.html

▲

JonathonW 5 hours ago | parent | prev | next [-]

Cloudflare is not the only DNS provider supported for DNS-01 challenges, even if you restrict yourself to only using Certbot: https://community.letsencrypt.org/t/dns-providers-who-easily...

▲

varispeed 3 hours ago | parent | prev [-]

I have not used Cloudflare for ages, but remember the Cloudflare API key couldn't be restricted to just one domain, so if someone could get hold of the key, they could have gotten access to all your domains. So that made me not use them. Has anything changed?

	▲	fragmede 3 hours ago \| parent [-]
		Yes, API keys can now be linked to zones or domains.