Skip to content

A MirageOS unikernel acting as secondary DNS server, provisioning certificate signing requests to valid certificates using let's encrypt

Notifications You must be signed in to change notification settings

robur-coop/dns-letsencrypt-secondary

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

45 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Let's encrypt DNS provisioning

This is a MirageOS unikernel which provisions TLS certificates using let's encrypt. It looks for certificate signing requests, stored as TLSA records in DNS zones, and uses the let's encrypt ACME DNS challenge to retrieve certificates. The certificate chain is stored in DNS as TLSA record as well. This unikernel also ensures that certificates are valid for at least two weeks.

This can be used with dns-primary-git.

Installation from source

To install this unikernel from source, you need to have opam (>= 2.1.0) and ocaml (>= 4.08.0) installed. Also, mirage is required (>= 4.5.0). Please follow the installation instructions.

The following steps will clone this git repository and compile the unikernel:

$ git clone https://github.com/robur-coop/dns-letsencrypt-secondary.git
$ mirage configure -t <your-favourite-target>
$ make depend
$ make build

Installing as binary

Binaries are available at Reproducible OPAM builds, see Deploying binary MirageOS unikernels and Reproducible MirageOS unikernel builds for details.

Questions?

Please open an issue if you have questions, feature requests, or comments.

About

A MirageOS unikernel acting as secondary DNS server, provisioning certificate signing requests to valid certificates using let's encrypt

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages