acme-dns/acme-dns

Features

• DNS Challenge Verifiers - Implements a DNS server that proxies TXT records to verify domain ownership for ACME certificate issuance.
• DNS Proxy REST API Endpoints - Includes HTTP endpoints to programmatically control the DNS proxy and update validation records.
• DNS Record Management - Provides a REST API for programmatically updating DNS TXT records for certificate validation.
• Challenge Delegation - Proxies TXT record lookups for DNS-01 challenges by providing unique subdomains.
• Challenge Delegation Servers - Provides a lightweight, containerized DNS service for deploying delegated challenge infrastructure.
• CNAME Proxy Certificate Applications - Uses CNAME records to delegate DNS-01 challenge verification from a primary zone to a specialized server.
• ACME Challenge Servers - Acts as a dedicated DNS server specifically for proxying ACME DNS-01 validation challenges.
• ACME Protocol Implementations - Implements logic to manage short-lived validation tokens for automated certificate issuance.
• Challenge Token Managers - Provides an API to issue and manage unique subdomains and credentials for certificate authority validation tokens.
• DNS Validation Providers - Automates domain ownership verification for SSL certificates without exposing primary DNS credentials.
• Secure Validation API Gateways - Provides a restricted API interface for updating TXT records using network filtering to prevent unauthorized modifications.
• Stateless DNS Proxies - Operates as a stateless DNS proxy that resolves queries by fetching tokens from a backend store.
• Network-Based Access Controls - Restricts API access for DNS record updates to specific source networks using CIDR notation.
• Certificate Renewal Managers - Facilitates the scaling of TLS certificate issuance and renewal through automated DNS verification.
• Automated Certificate Management - Automatically fetches and renews HTTPS certificates for its own management API.

Star history