5

I have a question regarding DNS. Assuming I have my domain register pointed to an external DNS, is it possible for me to redirect it to another DNS if something isn't found?

I am asking because of ACME changing every 3 months, which I would not like to manually update.

Sawb
"redirection" is not really a term applicable at the DNS level. "redirection" comes from the HTTP layer. A `CNAME` is an alias, so semantically slightly different. And `NS` records are for delegations, which are a far stronger mechanism than an HTTP redirection where you map one URL to another URL. – Patrick Mevzek Aug 23 '22 at 13:33

1 Answer

10

You can't make that redirect conditional, but as the Let's Encrypt documentation also explains here, you can use DNS CNAME records or NS records to delegate specific records (and answering the DNS-01 challenge) to other DNS zones and/or servers.
That is a perfectly sound solution in case your current DNS provider doesn't provide a DNS API for automation and you cannot switch completely to a different provider.

    _acme-challenge.example.com.  IN CNAME example-com.example.co.uk.

where you use a single record `example-com.example.co.uk. IN TXT "challenge"` in an existing DNS zone or

    _acme-challenge.example.com.  IN NS example-com.example.co.uk.

where you set up a completely new zone that is authoritative for `*._acme-challenge.example.com.` including `_acme-challenge.example.com.` itself.

HBruijn
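
A pre-renewal check for the CNAME delegation described in the answer above, as an added example that is not part of the original post: it derives the validation name, follows the CNAME chain and confirms the DNS-01 TXT value sits at the final target. The zone data, token and thumbprint are constructed sample values and the function names are hypothetical; the TXT value formula is the one in RFC 8555 section 8.4.

```python
import base64
import hashlib


def dns01_txt_value(token: str, account_thumbprint: str) -> str:
    """RFC 8555 8.4: base64url(SHA-256(token "." thumbprint)), without padding."""
    key_authorization = f"{token}.{account_thumbprint}".encode("ascii")
    digest = hashlib.sha256(key_authorization).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def challenge_name(identifier: str) -> str:
    """Validation name for a certificate identifier; a wildcard uses its base name."""
    base = identifier[2:] if identifier.startswith("*.") else identifier
    return f"_acme-challenge.{base.rstrip('.').lower()}."


def follow_cnames(name: str, zone: dict, max_hops: int = 8) -> str:
    """Return the owner name where the TXT record has to be published."""
    seen = []
    while True:
        if name in seen or len(seen) >= max_hops:
            raise ValueError(f"CNAME loop or chain too long: {seen + [name]}")
        seen.append(name)
        target = zone.get((name, "CNAME"))
        if target is None:
            return name  # no further alias: the TXT record lives here
        name = target[0].lower()


def delegation_ready(identifier: str, zone: dict, expected_txt: str):
    """Return (final owner name, whether the expected TXT value is present there)."""
    owner = follow_cnames(challenge_name(identifier), zone)
    return owner, expected_txt in zone.get((owner, "TXT"), [])


# Constructed sample data: token and thumbprint are placeholders, not real values.
EXPECTED = dns01_txt_value("constructed-token", "constructed-thumbprint")
ZONE = {
    ("_acme-challenge.example.com.", "CNAME"): ["example-com.example.co.uk."],
    ("example-com.example.co.uk.", "TXT"): [EXPECTED],
}

if __name__ == "__main__":
    print(delegation_ready("*.example.com", ZONE, EXPECTED))
```

Whoever can write the TXT record at the CNAME target can pass DNS-01 validation for the original name, so the API credentials for the delegated zone should be scoped to that record and nothing else.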