Hi Conrad
On 30/10/17 13:06, Conrad Wood wrote:
Thank you. I am quite aware of Lets Encrypt. It doesn't quite fit my
usecase, specifically:
a) it a pain if you're running several servers, some of which don't
have webservers, thus callbacks become annoying. (e.g. mailservers/vpn-
servers/voip servers etc)
There is the DNS-01 option which I've use for servers that have LAN
only connectivity at work, there is lots of examples available on
this page:
https://github.com/lukas2511/dehydrated/wiki/Examples-for-DNS-01-hooks
Personally I have used this one with Gandi with good results:
https://github.com/AnalogJ/lexicon
b) it is only trusted somewhat widely for web, but mail clients (apple-
mail & iPhone) seem to not accept it for email just as readily. Nor
does it work for gRPC or OpenVPN very well.
I have used their certificates successfully for mail server,
IRC bouncer and OpenVPN and both Android and iPhone clients.
Just a thought, until Bitfolk offer a CA
Peter.