Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ACME method for ddns.net or freemyip.com

    ACME
    2
    7
    1604
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • chudakC
      chudak
      last edited by chudak

      Anybody knows how to configure ACME method for domain names by ddn.net (no-ip.org) or freemyip.com ?

      Thx

      1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan
        last edited by

        If a method exist for "ddn.net (no-ip.org) or freemyip.com", then a (compatible) method should exist here : https://github.com/Neilpang/acme.sh/tree/master/dnsapi

        Next best : ddn.net (no-ip.org) or freemyip.com could tell you about it.

        No "help me" PM's please. Use the forum, thanks.

        chudakC 1 Reply Last reply Reply Quote 0
        • chudakC
          chudak @Gertjan
          last edited by

          @gertjan

          Thank you.
          I think I have an extra trouble to address - I wanted to use CA on my local network pfSense router, but I guess I need to do something extra to have certificate issued, e.g. open port 80 etc...

          GertjanG 1 Reply Last reply Reply Quote 0
          • GertjanG
            Gertjan @chudak
            last edited by

            @chudak said in ACME method for ddns.net or freemyip.com:

            e.g. open port 80 etc...

            Ah, the local "webroot" method.
            See https://www.netgate.com/docs/pfsense/certificates/acme-validation.html#ftp-webroot
            Which implies you have a web server behind pfSense on one of it's LAN(s).
            (using the pfSense GUI as the web server is not - underlined not - advisable - see link for the why part).

            A domain registrar with some 'basic' DNS facilities (see the acme method list) is by far the best solution.
            nsupdate will do it's job just fine then. A real "set it and forget it" - and have new certificate every 60 days you doing nothing.

            No "help me" PM's please. Use the forum, thanks.

            chudakC 2 Replies Last reply Reply Quote 0
            • chudakC
              chudak @Gertjan
              last edited by

              @gertjan

              Thanks for warning, copy !

              I deployed self-signed CA via pfSense CA Manager and I guess can be satisfied with that for now :)

              1 Reply Last reply Reply Quote 0
              • chudakC
                chudak @Gertjan
                last edited by

                @gertjan said in ACME method for ddns.net or freemyip.com:

                @chudak said in ACME method for ddns.net or freemyip.com:

                e.g. open port 80 etc...

                Ah, the local "webroot" method.
                See https://www.netgate.com/docs/pfsense/certificates/acme-validation.html#ftp-webroot
                Which implies you have a web server behind pfSense on one of it's LAN(s).
                (using the pfSense GUI as the web server is not - underlined not - advisable - see link for the why part).

                A domain registrar with some 'basic' DNS facilities (see the acme method list) is by far the best solution.
                nsupdate will do it's job just fine then. A real "set it and forget it" - and have new certificate every 60 days you doing nothing.

                @gertjan
                Am I understanding correctly that I would need to enable sftp or ftps on my pfsense router in order to use this ?

                Thx

                GertjanG 1 Reply Last reply Reply Quote 0
                • GertjanG
                  Gertjan @chudak
                  last edited by

                  @chudak said in ACME method for ddns.net or freemyip.com:

                  Am I understanding correctly that I would need to enable sftp or ftps on my pfsense router in order to use this ?

                  Well ... I never used the webroot method but pfSense has all on board to handle the file transfer.
                  I guess it will ask your for credentials needed, so it can login on the the remote (on a pfSense LAN or OPTx interface) (web) server so it can place the files in the web server root.

                  No "help me" PM's please. Use the forum, thanks.

                  1 Reply Last reply Reply Quote 1
                  • First post
                    Last post