Implement other TLS certificate deployments

[daringer]

• allow enabling TLS with own certificate
• allow DNS TXT record validation instead of web-challenge (might be covered by the own cert already?)
• allow using arbitrary "static domain" to allow LAN only arbitrary hostnames

[fire]

Is there anything I can do to increase priority for DNS TXT record validation?

[daringer]

Low-prio means "not planned for the next major" release (1.1), we can clearly consider this for 1.2 then.
Further you could check: https://support.nitrokey.com/t/nextbox-herunterfahren-und-zertifikate/3199 (even if in German) it describes roughly how to set up an own certificate, this might be a workaround for you until then

[fire]

Ah, I'll check back in two weeks.

I don't understand German. I don't know how to read that page.

[daringer]

There are various possibilities to translate to english, inside chrom-ish browsers just a right click and "translate to english" or you could use one of the various web-translators.

[daringer]

this is partly solved by the current approach for "guided dns configuration", acquiring a certificate works using a DNS-verification.