What are the differences between TLS, HTTP and DNS Challenges on the website https://docs.traefik.io/user-guides/docker-compose/acme-tls/.
What I want to do is, that users can visit my website via https. It seems to be, that all three(TLS, HTTP, DNS) scopes cover https but which of them should I take?
The 3 challenges allow to obtain certificates from Let's Encrypt.
Those challenges use different technical approaches to do that:
- HTTP challenge: the challenge consist to expose a token on an HTTP endpoint.
- TLS challenge: the challenge consist to expose a temporary certificates on an HTTPS endpoint.
- DNS challenge: the challenge consist to expose a TXT record on a DNS.
Treafik manage automatically those challenges.
For a user, like you, the easier challenge to configure is the TLS challenge.
The DNS challenge is the only challenge that allows to get a wildcard certificate (ex:
*.example.com) but it's the slowest.
@ldez One more question. Do I have also to configure certificates for subdomain or it is enough when I have certificate for domain.
For example, I will generate certificate for microrest.io and for keycloak.microrest.io do I have to create seperately?