I am curious, Vertrauen's DynDNS Service is a basic fully quilified DNS Server?
So, if, someone, somewhere, enters the url http://alleycat.synchro.net into their web browser address bar, it resolves to whatever your system stores in a file on your system (resolv.conf?) containing the last reported ip address via my system running dyndns.js correct? After that, does your system send an HTTP response? If yes, would it be possible to use Vertrauen's DynDns as an HTTP Redirect which stores the ip address:<port> and append the port to the HTTP Response and saving that in a dynamic record on Vertrauren as alleycat.txt record, which would then 'prove' DNS ownership and allow http://alleycat.synchro.net to resolve to http://alleycat.synchro.net:81 (maybe
add [dyndns] port=81 to modopts.ini or perhaps dyndns.js automagically discerns
the current http/https port(s) via sbbs.ini [Web] Port=81 TLSPORT=443

If yes, perhaps that would allow letsyncrypt.js to use DNS Validation through Vert as an option??

I know, a lot of assumptions, hopes and dreams on my part.



My doctor said I have the body of a 25 year old ... and the mind of a 10 :-/

---
þ Synchronet þ AlleyCat! BBS - http://alleycat.synchro.net:81
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: Synchronet's DynDns
By: Mortifis to Digital Man on Tue Sep 03 2019 04:24 pm

I am curious, Vertrauen's DynDNS Service is a basic fully quilified DNS Server?

Yeah, I use BIND.

So, if, someone, somewhere, enters the url
http://alleycat.synchro.net into their web browser address bar, it resolves to whatever your system stores in a file on your system (resolv.conf?) containing the last reported ip address via my system running dyndns.js correct?

Right (it's called a zone file).

After that, does your system send an HTTP response?

My system isn't involved at that point. *your* system would have to send an HTTP response since its *your* IP address that the hostname is resolving to.

If yes, would
it be possible to use Vertrauen's DynDns as an HTTP Redirect which stores the ip address:<port> and append the port to the HTTP Response and saving that in a dynamic record on Vertrauren as alleycat.txt record, which would then 'prove' DNS ownership and allow http://alleycat.synchro.net to resolve to http://alleycat.synchro.net:81 (maybe add [dyndns] port=81 to

modopts.ini

or perhaps dyndns.js automagically discerns the current http/https port(s) via sbbs.ini [Web] Port=81 TLSPORT=443

No, that's not how HTTP works. :-)

If yes, perhaps that would allow letsyncrypt.js to use DNS Validation through Vert as an option??

I don't think an HTTP-redirect is needed nor would letsencrypt (the service) support it.

digital man

This Is Spinal Tap quote #16:
David St. Hubbins: I believe virtually everything I read...
Norco, CA WX: 93.4øF, 40.0% humidity, 13 mph E wind, 0.00 inches rain/24hrs
--- SBBSecho 3.09-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

After that, does your system send an HTTP response?

My system isn't involved at that point. *your* system would have to send an HTTP response since its *your* IP address that the hostname is resolving

to.

If yes, would
it be possible to use Vertrauen's DynDns as an HTTP Redirect which

stores

the ip address:<port> and append the port to the HTTP Response and

saving

that in a dynamic record on Vertrauren as alleycat.txt record, which would then 'prove' DNS ownership and allow http://alleycat.synchro.net

to

resolve to http://alleycat.synchro.net:81 (maybe add [dyndns] port=81 to modopts.ini or perhaps dyndns.js automagically discerns the current http/https port(s) via sbbs.ini [Web] Port=81 TLSPORT=443

No, that's not how HTTP works. :-)

I was more thinking about a mechanism similar https://help.dyn.com/standard-dns /webhops-and-redirects-in-standard-dns/#webhops as a possible dyndns.synchro.net feature consideration.

As for the [dyndns] modopts.ini and the questions about the BIND zone records

Letsyncrypt exerpt: letsyncrypt DNS-01 Validation https://docs.certifytheweb.com/docs/dns-validation.html

How to use DNS Validation

In order to validate your control of your domains to the certificate authority you will be required to create a specified TXT record in your domain's DNS zone.

To do this you may need to get the API credentials for the (hosted) DNS from your DNS providers control panel, store these credentials in the app then select them to be used for specific certificate requests.

If your DNS provider (or custom DNS setup) does not have an API we can talk to,
you can write your own DNS update script or use the Manual DNS option (the request pauses while you manually update DNS).

If yes, perhaps that would allow letsyncrypt.js to use DNS Validation through Vert as an option??

I don't think an HTTP-redirect is needed nor would letsencrypt (the

service)

support it.

I agree it is not typically needed in most cases, though as an example http://alleycat.synchro.net and https://alleycat.synchro.net connects to https://asmf-etrucker.com on port 80/443 though alleycat.synchro.net web server is on port 81 ... I am not educated not the topography how the DNS mecanism, however, it seems it is all possible

I'll leave this alone again, hope this issue isn't an annoyance, just trying to
figure out how to get https working with my SBBS Web Interface and I am truly appreciate of all of the time, effort and sacrifice you and the other devs put into SBBS!! :-)



My doctor said I have the body of a 25 year old ... and the mind of a 10 :-/

---
þ Synchronet þ AlleyCat! BBS - http://alleycat.synchro.net:81
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: Re: Synchronet's DynDns
By: Mortifis to Digital Man on Tue Sep 03 2019 10:02 pm

After that, does your system send an HTTP response?

My system isn't involved at that point. *your* system would have to send an HTTP response since its *your* IP address that the hostname is resolving to.

If yes, would
it be possible to use Vertrauen's DynDns as an HTTP Redirect which stores the ip address:<port> and append the port to the HTTP Response and saving that in a dynamic record on Vertrauren as alleycat.txt record, which would then 'prove' DNS ownership and allow http://alleycat.synchro.net to resolve to http://alleycat.synchro.net:81 (maybe add [dyndns] port=81 to modopts.ini or perhaps dyndns.js automagically discerns the current http/https port(s) via sbbs.ini [Web] Port=81 TLSPORT=443

No, that's not how HTTP works. :-)

I was more thinking about a mechanism similar https://help.dyn.com/standard-dns /webhops-and-redirects-in-standard-dns/#webhops as a possible dyndns.synchro.net feature consideration.

That "WebHop" feature of that DynDNS provider is not actually using DNS. It's using an http-redirect which *only* works for HTTP. It could not work with Telnet, SSH, BinkP, etc. So, it's not really a fit for yourbbs.synchro.net.

As for the [dyndns] modopts.ini and the questions about the BIND zone records

Letsyncrypt exerpt: letsyncrypt DNS-01 Validation https://docs.certifytheweb.com/docs/dns-validation.html

How to use DNS Validation

In order to validate your control of your domains to the certificate authority you will be required to create a specified TXT record in your domain's DNS zone.

To do this you may need to get the API credentials for the (hosted) DNS

from

your DNS providers control panel, store these credentials in the app then select them to be used for specific certificate requests.

If your DNS provider (or custom DNS setup) does not have an API we can talk to,

We don't. Our "API" is custom.

you can write your own DNS update script or use the Manual DNS option
(the request pauses while you manually update DNS).

Yeah, that's the step at which you'll need to add the "txt" setting in your modopts.ini and force a dyndns event.

If yes, perhaps that would allow letsyncrypt.js to use DNS Validation through Vert as an option??

I don't think an HTTP-redirect is needed nor would letsencrypt (the service) support it.

I agree it is not typically needed in most cases, though as an example http://alleycat.synchro.net and https://alleycat.synchro.net connects to https://asmf-etrucker.com on port 80/443 though alleycat.synchro.net web server is on port 81 ... I am not educated not the topography how the DNS mecanism, however, it seems it is all possible

I don't think so. I don't think letsencrypt is going to follow an HTTP redirect for purposes of domain-ownership validation.

I'll leave this alone again, hope this issue isn't an annoyance, just

trying

to figure out how to get https working with my SBBS Web Interface and I am truly appreciate of all of the time, effort and sacrifice you and the other devs put into SBBS!! :-)

Please try the txt/wildcard route.

digital man

Synchronet "Real Fact" #3:
Synchronet version 2 was written in C and 8086 assembly programming languages. Norco, CA WX: 82.5øF, 51.0% humidity, 8 mph E wind, 0.00 inches rain/24hrs
--- SBBSecho 3.09-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)