I have created an account, in which, I have setup my domain “raghavgururajan.name”. I am wondering how to enable Let’s Encrypt Integration.
IIUC, this feature is kinda similar to what DNSimple offers (Automate your Let's Encrypt SSL certificates with DNS validation - DNSimple) right? Automated generation and renewal of certs?
With deSEC, “Let’s Encrypt integration” means that our API is integrated into several certificate management tools (such as acme.sh, or lego). However, we do not “integrate” so far as to generate your certificate for you.
(We also don’t want to do that; we think we should not meddle with your certificate stuff. One disadvantage of that would be, for example, that you would have to get a new certificate from deSEC once it expires. With the other tools, you can instead have a fully automated renewal, so that’s better!)
To check out the tools you can use to automate certificate generation (and renewal) with deSEC, please take a look at or list of Tools implementing deSEC.
Thanks for the reply.
I was looking into those tools. I am confused with the difference between Managed DNS Account and DynDNS Account. Do I need both for LE integration?
There is no difference between the accounts. We just ask you during sign-up what kind of domain you would like to start with, but you can add other domains later via the web interface or our API. All accounts are created equal.
Let’s Encrypt integration just means that there are some tools that know how to use the deSEC API to set the
TXT records necessary for DNS-based domain validation during a Let’s Encrypt certificate request. From our side, it’s just a text record, so your account does not need a specific feature. It’s really more about the tools that coordinate between the certificate authority and the DNS provider (in this case, Let’s Encrypt and deSEC).
Thanks for the clarification.