[GH-ISSUE #27] How to add other types of records through the API? #8

New issue

Closed

opened 2026-03-13 15:20:11 +03:00 by kerem · 1 comment

kerem commented

2026-03-13 15:20:11 +03:00

Owner

Originally created by @themihai on GitHub (Dec 20, 2017).
Original GitHub issue: https://github.com/acme-dns/acme-dns/issues/27

The documentations shows how to add TXT records(assuming that you defer the verification from your main DNS server using a CNAME) but I wonder if it supports other record types and if it can be used as the main DNS server(i.e. point the NS records to it). Using a different server just for ACME verifications doesn't seem right.

Originally created by @themihai on GitHub (Dec 20, 2017). Original GitHub issue: https://github.com/acme-dns/acme-dns/issues/27 The documentations shows how to add TXT records(assuming that you defer the verification from your main DNS server using a CNAME) but I wonder if it supports other record types and if it can be used as the main DNS server(i.e. point the NS records to it). Using a different server just for ACME verifications doesn't seem right.

kerem closed this issue

2026-03-13 15:20:17 +03:00

kerem commented

2026-03-13 15:20:23 +03:00

Author

Owner

@joohoi commented on GitHub (Dec 21, 2017):

The static configuration file allows you to add any and all kinds of records you wish, example from the default configuration file:

# predefined records served in addition to the TXT
records = [
    # default A
    "auth.example.org. A 192.168.1.100",
    # A 
    "ns1.auth.example.org. A 192.168.1.100",
    "ns2.auth.example.org. A 192.168.1.100",
    # NS
    "auth.example.org. NS ns1.auth.example.org.",
    "auth.example.org. NS ns2.auth.example.org.",
]

Using acme-dns as a primary nameserver is discouraged however. It lacks a lot of important functionality that actual name servers carry, for example the zone transfers for master->slave propagation, DNSSEC etc. It was specifically developed to act as a supplementary mean to handle ACME DNS validation in a way that has minimal attack surface and is intentionally limited because of that.

@joohoi commented on GitHub (Dec 21, 2017): The static configuration file allows you to add any and all kinds of records you wish, example from the default configuration file: ``` # predefined records served in addition to the TXT records = [ # default A "auth.example.org. A 192.168.1.100", # A "ns1.auth.example.org. A 192.168.1.100", "ns2.auth.example.org. A 192.168.1.100", # NS "auth.example.org. NS ns1.auth.example.org.", "auth.example.org. NS ns2.auth.example.org.", ] ``` Using acme-dns as a primary nameserver is discouraged however. It lacks a lot of important functionality that actual name servers carry, for example the zone transfers for master->slave propagation, DNSSEC etc. It was specifically developed to act as a supplementary mean to handle ACME DNS validation in a way that has minimal attack surface and is intentionally limited because of that.

kerem referenced this issue

2026-03-13 16:13:03 +03:00

[PR #8] [CLOSED] Updated dependencies #239