SYSTEM INFORMATION | |
---|---|
OS type and version | Debian Linux 12.0 |
Webmin version | 2.013 |
Virtualmin version | 7.5 |
Usermin version | 1.861 |

I’m trying to figure out the best way to get Let’s Encrypt certificates working through the DNS challenge, because only the VPN port will be open to allow access to the internal network.
The idea is to have sub-servers for each sub-domain/service and the respective BIND zones working to resolve them after a VPN connection.
There is also a route53 NS to resolve external sub-domains like vpn.domain.com and www.domain.com (located on another server).
So, as far as I can check, the Virtualmin Let’s Encrypt DNS challenge will use BIND to get the respective IP address, which will never be reached by Let’s Encrypt.
I know that running the following command will successfully receive a certificate:
```
certbot certonly --dns-route53 -d cloud.domain.com
```
So I’m kind of stalled here, trying to understand what’s the best option:
- If there is a better approach using only Webmin/Virtualmin
- Prepare an external script to replace Virtualmin certificates with ones already received
Suggestions are well appreciated
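
The second option in the post above, an external script that hands Virtualmin the certificate certbot already obtained over Route 53, can be written as a certbot deploy hook. This is an added example, not part of the original post or Virtualmin's own code; it assumes the certbot certificate name is also the Virtualmin virtual server name, and `lineage_ok`, `install_lineage` and `DRY_RUN` are names chosen here.

```shell
#!/bin/bash
# Certbot deploy hook (added example): pass a certificate obtained with
# `certbot certonly --dns-route53` to Virtualmin's install-cert command.
# Assumption: the certificate name equals the Virtualmin virtual server name.
# Set DRY_RUN=1 to print the command instead of running it.

# Succeed only if the lineage directory holds a complete, readable set of files.
lineage_ok() {
    local dir="$1" f
    for f in cert.pem privkey.pem chain.pem; do
        [ -s "$dir/$f" ] && [ -r "$dir/$f" ] || return 1
    done
}

# Install one certbot lineage directory into one Virtualmin domain.
install_lineage() {
    local dir="$1" domain="$2"
    lineage_ok "$dir" || { echo "incomplete lineage: $dir" >&2; return 2; }
    # Refuse anything that is not a plain hostname before passing it on.
    case $domain in
        ''|*[!A-Za-z0-9.-]*) echo "bad domain: $domain" >&2; return 3 ;;
    esac
    set -- virtualmin install-cert --domain "$domain" \
        --cert "$dir/cert.pem" --key "$dir/privkey.pem" --ca "$dir/chain.pem"
    if [ "${DRY_RUN:-0}" = 1 ]; then
        echo "$*"
    else
        "$@"
    fi
}

# Certbot exports RENEWED_LINEAGE (the live/<name> directory) to deploy hooks.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    install_lineage "$RENEWED_LINEAGE" "$(basename "$RENEWED_LINEAGE")"
fi
```

Registering the script with certbot's `--deploy-hook` option makes it run after each successful issuance or renewal, so the Virtualmin copy of the certificate follows the renewed one.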