[Cryptography] Fast handling of IP Address changes for HTTPS
John Levine
johnl at iecc.com
Fri Dec 29 16:55:18 EST 2017
In article <20171229095504.GW20937 at h-174-65.A328.priv.bahnhof.se> you write:
>On 28 Dec 2017 22:14 -0500, from johnl at iecc.com (John Levine):
>> Or just run the web server on the VPS. They're good at it.
>
>That's probably the best option for self-hosting, IMO. ...
>Otherwise, while I don't use it myself, supposedly Let's Encrypt
>supports validation via DNS. That might be worth looking into as well.
It does, that's how I use it for my mail servers in domains without
web servers. But you need a DNS setup where you can script updates to
your DNS zones and drive that from the certificate generation, It
works fine for me but I control my own DNS using a DNS management
toaster I wrote myself (which of course runs on a server with a fixed
IP address to serve the DNS zones.) Short of that, use a VPS.
R's,
John
More information about the cryptography
mailing list