Notably this release supports ACME v2 and the
DNS-01 challenge. The
DNS-01 challenge has become the best practice in terms of security, and is the only one actually accepted for the release of wildcard certificates by Let’s Encrypt.
Exoscale is completely compatible with Lego, which means you can now automate wildcard certificates deployment on our platform. Lego will transparently use our DNS service API to create the appropriate record for the challenge 🎉
E.g. to do it with Traefik, you can use the following
traefik-config.yml as a starting point.
You will need to expose your EXOSCALE_API_KEY and EXOSCALE_API_SECRET credentials as environment variables.
defaultEntryPoints = ["https"] [entryPoints] [entryPoints.http] address = ":80" [entryPoints.http.redirect] entryPoint = "https" [entryPoints.https] address = ":443" [entryPoints.https.tls] [acme] email = "YOUR@EMAIL" storage = "acme.json" entryPoint = "https" acmeLogging = true onDemand = true [[acme.domains]] main = "*.YOUR-DOMAIN.COM" [acme.dnsChallenge] provider = "exoscale" [api] #dashboard = true #debug = true entrypoint = "https"