relay: no support for wildcard certs
The current implementation of derper does not support wildcard certs.
This describes the possible challenge methods and which are compatible with *.domain.tld certificates.
Manual certificate mode is available as a workaround for now.
This is still active; we only do the TLS-ALPN-01 challenge.
Making sure the issue is up to date: this basically boils down to it not being worth supporting the DNS challenge directly and writing whatever number of integrations with DNS providers. The solution is to write a custom cert resolver that just hot-reloads the cert every day, and to put certbot in front with the right DNS config to handle the renewals.
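
A sketch of the hot-reloading resolver described in the last comment, as an added example that is not part of the original thread and not derper's own code. The `certReloader` type, the listen port and the `example.com` certbot path are assumptions; the resolver keeps serving the last good certificate if a reload fails partway through a renewal.

```go
package main

import (
	"crypto/tls"
	"log"
	"net/http"
	"sync"
	"time"
)

// certReloader (hypothetical name) serves a cached cert and re-reads it once per interval.
type certReloader struct {
	load     func() (*tls.Certificate, error) // reads the PEM pair from disk
	interval time.Duration                    // 24h for the daily reload described above
	now      func() time.Time                 // injectable clock, so the logic is testable
	mu       sync.Mutex
	cert     *tls.Certificate
	loaded   time.Time
}

// GetCertificate matches tls.Config.GetCertificate. If a reload fails (for example a
// half-written file mid-renewal) the last good cert stays in use and the next handshake retries.
func (r *certReloader) GetCertificate(*tls.ClientHelloInfo) (*tls.Certificate, error) {
	r.mu.Lock()
	defer r.mu.Unlock()
	if r.cert != nil && r.now().Sub(r.loaded) < r.interval {
		return r.cert, nil
	}
	c, err := r.load()
	if err == nil {
		r.cert, r.loaded = c, r.now()
	} else if r.cert == nil {
		return nil, err // nothing cached yet: fail this handshake
	} else {
		log.Printf("cert reload failed, keeping previous cert: %v", err)
	}
	return r.cert, nil
}

func main() {
	const dir = "/etc/letsencrypt/live/example.com/" // certbot live/ layout; domain is a placeholder
	r := &certReloader{interval: 24 * time.Hour, now: time.Now,
		load: func() (*tls.Certificate, error) {
			c, err := tls.LoadX509KeyPair(dir+"fullchain.pem", dir+"privkey.pem")
			return &c, err
		}}
	srv := &http.Server{Addr: ":8443", TLSConfig: &tls.Config{GetCertificate: r.GetCertificate}}
	log.Fatal(srv.ListenAndServeTLS("", ""))
}
```

Because the private key is re-read by the serving process, it needs read access to certbot's `privkey.pem`; granting that through a dedicated group keeps the relay from running as root.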