Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Nobody stops you building an ACME client that does this. However I expect it would mostly accumulate confused bug reports from users who don't know their IP address, or don't even have a public IP address, and certainly can't unblock UDP port 53 on their device.


certbot already has a "stand-alone" authorization mechanism that has all those drawbacks, so doing a similar thing for DNS might not be too terrible...

kro pointed out (in this thread) this plugin that is more or less what I described: https://github.com/pawitp/acme-dns-server




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: