Hacker News new | past | comments | ask | show | jobs | submit login

If your server is not accessible from the internet you need to use DNS based authentication for which you need to have a DNS API key lying around on your server which is a significant risk.



Put the ACME challenges in their own DNS zones. Grant the key permission to only that zone. Risk mitigated.


Is this possible on Porkbun?




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: