Do wildcard certificates with subdomain delegation via _acme-challenge work?
#91
Comments
|
I think that would work. What do you mean by "is this supported" though? Let's Encrypt supports it, or do you mean something else? |
|
Whether this plugin supports it? I'm not sure whether Caddy itself or this plugin would implement this. If so - might be nice to add an example, if only to point out this approach to work around Cloudflare's lack of API key granularity. |
|
Typically delegation is a more permanent thing, i.e. you create the record and leave it. In that way, I guess an automated record wouldn't even need to be created. 🤔 I haven't tried it tbh. But I'd be open to non-invasive patches if needed. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Question, not a bug report.
Cloudflare outside Enterprise doesn't allow delegating a subdomain, and API DNS edit keys are always for a full zone.
It is my understanding that a CNAME
_acme-challenge.sub.domain.example.com->throwaway-domain.comshould allow issuing wildcard certificates*.sub.domain.example.com(and specific certificates as well).Is this supported currently, and if not would this be a big lift to implement?
The text was updated successfully, but these errors were encountered: