ACME nsupdate supported DNS providers
-
I've read through the documentation on the new ACME package for Lets Encrypt certs. Reading through the various methods for verification, it looks like nsupdate is probably the best in my case, at least upon initial review. I didn't see this covered in the documentation (maybe I missed it), but I assume that this only works with certain DNS providers? And some sort of API key or credentials needs to be entered in the package?
If this is correct is there a list of supported providers anyone (outside of the package itself)?
Or am I misunderstanding something about nsupdate?
-
nsupdate is generally for self-hosted DNS using BIND or a similar server that supports RFC2136 updates.
Paid DNS providers generally have their own APIs or update methods, which is why there are many other choices for providers in the ACME package.
Any of the DNS-based options should be fine, if you already have a domain or account with one of those providers.
There might be some paid DNS providers out there that do RFC2136 but I'm not aware of any specifically.
-
There might be some paid DNS providers out there that do RFC2136 but I'm not aware of any specifically.
Dyn does… but it's not the easiest thing in the world to get working. At least it wasn't when I last tried it (which was before I started using pfSense, which might have been part of the problem).