GFI Software

Welcome to the GFI Software community forum! For support please open a ticket from https://support.gfi.com.

Home » Product Feedback » Kerio Connect Feedback » Let's Encrypt Challenge Method DNS Option (Let's Encrypt Challenge Method DNS Option)
Let's Encrypt Challenge Method DNS Option [message #152715] Tue, 20 September 2022 17:49 Go to next message
cmharley is currently offline  cmharley
Messages: 4
Registered: September 2022
It would be great is we could use an alternate challenge method for the Let's Encrypt interface. There are companies out there that do not feel comfortable opening up web access to their on-prem email server for the HTTP challenge. Also, for those that would be willing to open firewall access to a whitelist IP, the option is not available because Let's Encrypt will not publish an IP list for several reasons, one is the secure nature of their issuing process. The DNS TXT record option would be a good one to explore as an alternative.
Re: Let's Encrypt Challenge Method DNS Option [message #152716 is a reply to message #152715] Wed, 21 September 2022 06:48 Go to previous messageGo to next message
mzaidi is currently offline  mzaidi
Messages: 96
Registered: April 2021
Thank you for the feedback, we've shared your request with the backend Team for further review.
Re: Let's Encrypt Challenge Method DNS Option [message #152775 is a reply to message #152716] Thu, 29 September 2022 15:42 Go to previous messageGo to next message
srazvan is currently offline  srazvan
Messages: 15
Registered: September 2021
Hi cmharley,

Port 80 requirement is due to the Let's Encrypt process. https://letsencrypt.org/docs/allow-port-80/ suggests keeping port 80 open but redirected to HTTPS.
You should not have issues when renewing with a redirected port 80 to 443. But, there are rare situations where the port cannot be opened, even for a redirect.

Per the topic's subject, I understand that you would like KerioConnect to include the DNS-01 and/or TLS-ALPN-01 challenge alongside the current HTTP-01 challenge.
We've logged the request under GFIPEF-80.


GFI Customer Support Edge Team
Re: Let's Encrypt Challenge Method DNS Option [message #152776 is a reply to message #152775] Thu, 29 September 2022 17:35 Go to previous message
cmharley is currently offline  cmharley
Messages: 4
Registered: September 2022
Thank you for the consideration.
Previous Topic: Enhance EWS support (for EM Client, Mailbird and others...)
Next Topic: Zoom Integration with Kerio Connect
Goto Forum:
  


Current Time: Tue Nov 29 05:42:34 CET 2022

Total time taken to generate the page: 0.02604 seconds