> My solution is not to mix dynamic update with other access. > Instead, I put in CNAMEs in the signed zone to a sub-zone (or other zone) > where I do exclusive dynamic update. This isn't perfect, but it works > well enough to allow dns-01 (certbot/LetsEncrypt) to be able to refresh my > certificates.
Not perfect? What issues did you see? Thanks! -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
