[Yeti DNS Discuss] A public Yeti DNS resolver (but with TLS)

Jerry Lundström jerry at dns-oarc.net
Thu Dec 22 07:20:31 UTC 2016

Hi Stephane,

On 12/21/16 20:11, Stephane Bortzmeyer wrote:
> The certificate was issued by CAcert <https://www.cacert.org/> I
> wonder if it's possible to get a Let's Encrypt certificate for a DNS
> server (you need to set up a callback server)?

There is a plugin for using a temporary webserver (standalone) and there
are manual ways.  I tend to use the certonly/webroot because it's easy
and does not mess around with whatever webserver your running.

  sudo letsencrypt certonly --webroot -w <webroot> -d <domain> [ -d .. ]

Might be good to put up a page at dns-resolver.bortzmeyer.org with a bit
of information about the resolver and that would solve getting a cert
from Let's Encrypt.


More information about the discuss mailing list