howtos:let_s_encrypt_-_how_to_issue_certificates_with_cloudflare_dns_and_f5_rest_api

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
howtos:let_s_encrypt_-_how_to_issue_certificates_with_cloudflare_dns_and_f5_rest_api [d/m/Y H:i]
domingo [Installation]
howtos:let_s_encrypt_-_how_to_issue_certificates_with_cloudflare_dns_and_f5_rest_api [d/m/Y H:i] (current)
domingo [Configuration]
Line 44: Line 44:
   * KEY_ALGO=rsa   * KEY_ALGO=rsa
   * CONTACT_EMAIL=someone@example.com   * CONTACT_EMAIL=someone@example.com
 +  * PREFERRED_CHAIN="ISRG Root X1"
 +
 +I had to specify the "PREFERRED_CHAIN" variable due to some Android quirks and the expired "DST Root CA X3" root. For a more detailed explanation look here [[https://ikarus.sg/lets-encrypt-dot-android/|Let's Encrypt and DNS over TLS Hell on Android]]
  
 I have to use RSA certificates due to some SNI limitations in the F5 configuration. If you want to run EC certificates the script works just as well. I have to use RSA certificates due to some SNI limitations in the F5 configuration. If you want to run EC certificates the script works just as well.
howtos/let_s_encrypt_-_how_to_issue_certificates_with_cloudflare_dns_and_f5_rest_api.txt · Last modified: d/m/Y H:i by domingo