Let's Encrypt dns-01 challenge

The Let's Encrypt dns-01 challenge requires you to prove ownership of a domain by creating a specified TXT DNS record under that domain. It is currently the only way to prove ownership of an entire domain (not just a subdomain) and is therefore the only way to acquire a wildcard TLS certificate.

We used to support RFC2136 DNS Updateauthenticated using TSIG keys. We no longer do. So, at the moment, we do not support the dns-01 challenge. Support for the dns-01 challenge may be restored in the future.