SECURING
Before you can request a certificate from the Let's Encrypt CA using DNS-01 challenges, you first need to create a DNS Provider Configuration and a DNS Provider Account.
Before you begin
The DNS Provider Configuration document created in this procedure contains code that is specific to a DNS provider API to automate storing the challenge received from Let's Encrypt servers to a TXT record in your registered DNS domain.
This procedure provides steps to automatically configure DNS Provider Configurations documents for two specific DNS providers. This configuration is done by importing a DXL file available through the HCL Support article at the beginning of this procedure. The DXL file contains provider-specific API code.
However, if your DNS provider is not one of the reference providers available through the DXL file, there is support for developing your own DNS Provider Configuration document according to the requirements of your DNS provider API. More information about this approach is also found through the Support article.
The DNS Provider Account document created in this procedure is used to associate your domain with the DNS Provider in certstore.nsf. Later, when you create a TLS Credentials document to request a certificate for a host name within this domain, CertMgr knows to use DNS-01challenges.
Procedure
1. Create a DNS Configuration document with a reference implementation:
b. Open certstore.nsf.
c. Click the DNS Configuration view.
d. Select Actions -> Import DXL to create a DNS Provider Configuration document for each of the two reference DNS providers.
Note:
b. Click Add Account.
c. In the Registered domain field, enter the DNS domain to request certificates for. For example, renovations.com.
d. In the Account name field, provide a name for the account.
e. In the Status field, selectEnabled.
f. In the DNS provider configuration field, select the DNS Provider configuration you use. Click ?to open the DNS Provider Configuration document to reference it as you complete the remaining steps.
g. Complete the fields in the Configuration Valuessection as required by your DNS provider.
h. Save & Close.
Complete the procedure, Configuring the ACME account profiles.
Parent topic: Preparing a Domino server to request certificates from the Let's Encrypt CA