Support for Certbot (Let's Encrypt SSL certificates) DNS verification #169
Comments
|
Thanks for the suggestion @bari86 A few points of clarification, also per our Discord discussion: Firstly, SlickStack is HTTPS-only meaning that HSTS is hardcoded in our Nginx configuration and any HTTP requests are force redirected to the HTTPS version of the website too. Port 80 is enabled only for the Nginx "catch all" server block. Next is that there should be no need to disable the Cloudflare proxy during Certbot verification... the way SlickStack installs Nginx defaults to using self-signed OpenSSL certificates. Even if you choose Let's Encrypt in The Cerbot webroot verification works fine, as per my ongoing tests. However, on brand new SlickStack servers, for some reason the Lastly, SlickStack defaults to using DNS verification for Certbot when WP Multisite is enabled in I provide this background for Googlers and to explain that yes, we can consider supporting DNS verification for normal (single site) SlickStack servers, but it shouldn't be "necessary" per se. |
jessuppi
changed the title
|
Here's a DNS solution with the acme.sh client and Cloudflare API: We started playing with the acme client (we even have a bash script for it already) but never got around to testing it... I'm not sure how many options we want to maintain in SlickStack for Let's Encrypt. |
Hi,
Please put in SSL DNS verification in SS. The problem I faced is I usually setup the domain and enable Cloudflare proxy immediately before installing SS in the server. I will never off proxy therefore the only way to get SSL verified is via DNS. Even if I off proxy to get initial SSL, then on proxy, after 3 month I need to off and renew the SSL again which is a bit of hassle as I have lots of website. This is for single WP, not multisite.
The text was updated successfully, but these errors were encountered: