DNS

Adding IPv6 to an Nginx website on FreeBSD / FreshPorts

FreshPorts recently moved to an IPv6-capable server but until today, that capability has not been utilized. There were a number of things I had to configure, but this will not necessarily be an exhaustive list for you to follow. Some steps might be missing, and it might not apply to your situation. All of this

Adding IPv6 to an Nginx website on FreeBSD / FreshPorts Read More »

Getting acme.sh to renew certs via cronjob on FreeBSD

In the past, I’ve written about using acme.sh to automatically generate SSL certificates and distribute them to the required locations. I do this in a single central location, and the websites and mail servers grab their new certs from a webserver. At the time of writing, I was using FreeBSD 11.1 and acme.sh 2.7.4, supplied

Getting acme.sh to renew certs via cronjob on FreeBSD Read More »

acme.sh: getting free SSL certificates – installation configuration on FreeBSD

This blog post describes my Let’s Encrypt solution which uses acme.sh and dns-01 challenges to obtain SSL certificates. If you are using HTTP challenges, this post might still be useful, but your configuration will differ slightly. Let’s Encrypt is a certificate authority which has become wildly popular since it was launched in April 2016 (just

acme.sh: getting free SSL certificates – installation configuration on FreeBSD Read More »

Configuring my BIND/named DNS servers to operate from a hidden master via VPN for Let’s Encrypt

What is a hidden DNS master? If you need to ask that, this is not the blog post for you. This post assumes you already know how to configure DNS and just want ideas for your own hidden master. It also assumes the networking, VPN, and firewall are pre-configured for this. This blog post is

Configuring my BIND/named DNS servers to operate from a hidden master via VPN for Let’s Encrypt Read More »

Creating a TXT only nsupdate connection for Let’s Encrypt

I’m in the process of designing my own centralized Let’s Encrypt solution. It was Peter Wemm’s blog post about Let’s Encrypt in the FreeBSD cluster which got me started down this road. My rough notes are this this gist. This blog post assumes you are already familiar with Let’s Encrypt and especially with the dns-01

Creating a TXT only nsupdate connection for Let’s Encrypt Read More »

Scroll to Top