Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
certificates
🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
-
acme-dns
Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely.
We're digging into dehydrated. Personally, I would NOT call it "simple to use," but I'm a Windows guy so maybe it's just me. Give it the API access it needs and it can update your external DNS records, do the Let's Encrypt handshake, and get certs for either named systems or wildcards. Then you just need to push the certs out from that system.
Check out https://github.com/go-acme/lego, they support most DNS providers that have API access.
I recommend https://smallstep.com/certificates/ everything you need to deploy and internal CA.
I have done it with https://github.com/joohoi/acme-dns It's a DNS server you deploy just for the DNS challenge. The doc is good, does take some time getting your head around how it's work but once set it's easy.