Free DNS wild-card service from Japan
Daniel Nashed – 30 March 2021 05:33:19
If you are using a home lab and want to test with many different hosts, having a wild-card DNS entry can be helpful.
This will not work with Let's Encrypt DNS-01 challenges, because it would need DNS TXT records, which are not yet available in a way they can be consumed at MyDNS today.
Still https://www.mydns.jp/#about is a very interesting option today, because of the sub-domain you can point to your server.
And they have a very simple to use HTTP request option to update your IP.
I have created a very simple script to update my IP at mydns.
To determine my public IP I am using the Google STUN servers, which the Sametime meeting server is also using by default.
You need a turn client to use the STUN servers and find out about your public IP.
CentOS as the required software included in the epel-release.
yum install -y epel-release coturn-utils
After installing the turn client, the following type of script will just set your current IP address.
-- mydns_setip.sh --
MID=mydns123456
PWD=1xQ3BRZnxyz
IP=$(turnutils_stunclient -p 19302 stun.l.google.com | grep "addr:" | head -1 | awk -F "addr: " '{print $2}' | cut -f1 -d:)
echo "My IP: [$IP]"
curl "https://www.mydns.jp/directip.html?MID=$MID&PWD=$PWD&IPV4ADDR=$IP"
This can be quite useful for Let's Encrypt HTTP-01 challenges or test servers at home in general.
I have many different integrations for my hosted servers and also for my home servers.
This includes a ACME DNS server, Cloudfare hosted domains, Hetzner hosted domains, sub-domains at Digital Oceans etc.
But MyDNS is a very simple option to get started with Domino V12 CertMgr and HTTP-01 challenges without a static IP.
And this allows to use more than one host name for example to the SNI configuration.
Sadly this does not allow to request wild-card certificates from Let's Encrypt and other ACME providers -- which requires DNS-01 challenges.
As soon they fully support setting DNS TXT records I can consume with a scripted flow, this will become a great option also for looking into DNS-01 flows with ACME.
- Comments [0]