Guillaume Hérail

Ramblings in Frenglish


Apr 2, 2018
Lets Encrypt Behind The Firewall Dehydrated is a client for getting certificates from an ACME server (think let’s encrypt). Being written in bash, its dependencies are quite simple: curl/sed/grep/mktemp. Dehydrated allows us to write simple hooks that, in this post, we’ll use to do dns validation against our authoritative bind server. That way, you can use let’s encrypt certificates even if your server is behind a firewall! (provided it has access to your dns authoritative server)