DNS-Persist-01: A New Model for DNS-Based Challenge Validation


When you request a certificate from Let’s Encrypt, our servers validate that you control the hostnames in that certificate using ACME challenges. For subscribers who need wildcard certificates or who prefer not to expose infrastructure to the public Internet, the DNS-01 challenge type has long been the only choice. DNS-01 works well. It is widely supported and battle-tested, but it comes with operational costs: DNS propagation delays, recurring DNS updates at renewal time, and automation that often requires distributing DNS credentials throughout your infrastructure.
