Wiki

Home

API Help
- Access and Authentication
- Request Parameter Data Types
- Response formats
- Login API
- Get current IP address
- Get account balance
- DNS hosting
- Domain names
- Sub users
- Monitoring
- SSL
- Open source libs
- Scripts
Getting Started
Domain names
- Register New Domain
- Transfer your domain
- Renew your domain
- Domain Management
- Specific Rules for Glue Records
- Glue Records in .be
- Information for Registrants
- Privacy Protection
DNS Zones
- Master DNS Zone
- Secondary (Backup) DNS Zone
- Free Zone
- Master/Slave Reverse Zone
- Cloud Domains
- Primary/Secondary ENUM Zones
- Parked Zone
- Slave DNS with hidden master
- DNS zones and how do they count
- Disable/enable DNS zones
DNS Records
- SOA Record
- A Record
- AAAA Record
- MX Record
- CNAME Record
- TXT Record
  - DKIM Record
  - DMARC Record
  - SPF/TXT Duplication
- SPF Record
- NS Record
- SRV Record
- DS Record
- Web Redirect Record
- Web Redirect with SSL
- ALIAS Record
- RP Record
- SSHFP Record
- PTR Record
- NAPTR Record
- CAA record
- TLSA Record
- CERT record
- OPENPGPKEY record
- HINFO record
- SMIMEA record
- DNAME record
- LOC record
- Wildcard DNS Record
- What is TTL?
- Records templates
  - Mail Forwards
  - Gmail
  - Heroku
  - Heroku SSL
  - Zoho
  - Tumblr
  - Blogger
  - GitHub
  - Microsoft Azure
  - Weebly
  - Amazon Web Services
  - Google Sites
  - Google Calendar
  - Google Docs
  - Google Talk
  - WordPress
  - SupaDupa
  - Bitbucket
  - Divshot
  - Aldryn
  - Instapage
  - Enjin
  - Fastly
  - Format
  - atmail
  - FastMail
  - KickoffLabs
  - launchrock
  - Mailgun
  - paperplane.io
  - Tender Support
  - Squarespace
  - SimplyBuilt
  - Shopify
  - Pobox
  - Ghost
  - Office 365
  - Yandex
  - Minecraft
  - Mail.Ru
  - MailChimp
  - ImprovMX
  - Rackspace Email
  - TeamSpeak
- Round-Robin DNS
- Records deactivation/activation
Dynamic DNS
- Getting Started with Dynamic DNS
- Dynamic DNS scripts for Linux
- Dynamic DNS scripts
- Dynamic DNS for *NIX
- Dynamic DNS for macOS
- Dynamic DNS script for macOS
- Dynamic DNS for Windows
- Dynamic DNS script for Windows
- DynDNS with multiple interfaces
- Dynamic DNS for Synology
- Dynamic DNS with pfSense
- Dynamic DNS with OPNsense
- Dynamic DNS for MikroTik
- Dynamic DNS for Android
- Dynamic DNS with DD-WRT
- Dynamic DNS with FreeNAS
- Dynamic DNS for Generic Router
- Dynamic DNS Notifications
GeoDNS
- Block visitors by country
DNS Failover
- ICMP Ping
Monitoring
- ICMP Ping
- Web monitoring
- TCP monitoring
- UDP monitoring
- DNS monitoring
- Heartbeat Monitoring
- Firewall monitoring
- SSL/TLS Monitoring
- SMTP monitoring
- Streaming monitoring
- Notifications
Failover & Monitoring nodes
DNSSEC
- Activating DNSSEC with GoDaddy
- Activating DNSSEC with OVH
Mail Forwards
- Mail Forwards for external zones
- Greylisting
Reseller's panel
- Reseller Panel Customization and Settings
- Reseller Panel API
  - JSON
    - Login
  - SSO
    - Direct Login
    - SSO Session Login
SSL certificate
- How to order SSL certificate
- Generate CSR on Windows
- Generate CSR on Linux
- Generate CSR on cPanel
- Install SSL on Apache
- Install SSL on NGINX
- Install SSL on IIS 7
- Install SSL in WHM/cPanel
- How to renew SSL certificate
- acme.sh client fo Let's Encrypt, ZeroSSL and others
- Let's Encrypt SSL certificates with Certbot
- Issuing a certificate with Cert-Manager
- SSL in VMware Horizon View 7
- How to reissue SSL certificate
- Change verification mail of SSL
- Certificate Transparency
- ACME with OPNsense
- ACME with Home Assistant
- ACME with Proxmox
WHMCS
- Change log
- How to upgrade
- Registered domains mode
- Translation
Products and Services
- Google Workspace
- Dedicated IPs
- Our services
- Hide your IP address
- Free Migration to ClouDNS
Features
- Auto-Renewal
- Zone shares
- DNS Branding
- Groups
- Free SSL
Profile
- Account Balance
- Subscriptions
- Two-Factor Authentication
- Default SOA settings
- Change your e-mail
- Email Notifications
Misc
- Change ownership of a DNS Zone
- How to delegate a sub-domain
- Slave DNS with PowerDNS
- Not sending out Glue Records
- Custom domain in Blogger
- Issues with nslookup
- Authoritative vs Resolving DNS
- Missing nameservers
- What is a DNS query?
- Changing name servers by plan
- Unknown AXFR requests
Commands
- 10 DNS questions solved with DIG
- 10 DNS questions for nslookup

ACME with OPNsense

OPNsense is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases. It brings the rich feature set of commercial offerings with the benefits of open and verifiable sources.

One of the requirements for the use of OPNsense with ClouDNS is to have access to our HTTP API. All our Premium DNS and DDoS Protected DNS plans include access to the HTTP API and can be used to generate free SSL certificates with Cerbot for any hostname you need. Another important condition is, that your domain is delegated to our name servers and the DNS for the domain name is hosted on our side.

How to configure ACME with OPNsense

Install OPNsense. You can download it from here
Install the ACME Plugin. You can download the plugin from here
After installation go to Services > ACME Client > Settings and enable plugin
After enabling plugin go to Services > ACME Client > Accounts and create an account used for Let’s Encrypt as shown in the image below.
After registration Let's Encrypt go to Services > ACME Client > Challenge Types and configure ClouDNS as shown in the example. You can use either your auth-user id or sub-user id at ClouDNS. If you have not created an auth-user or sub-user, you can do this from here.
After setting up Challenge Types go to Services > ACME Client > Certificates and configure the certificate you want to use. Select the previously created Challenge Type and Renew Webinterface automation as shown.
Last, select the Issue or Renew certificate command.

Difference between Sectigo SSL certificates and Let's Encrypt SSL certificates

As you know, ClouDNS provides Sectigo SSL certificates. Currently, there is no difference in the security between the provided Positive SSL certificates and Let's Encrypt SSL certificates. The advantage of the Positive SSL certificates is that they are issued by Sectigo for 1 year (Let's Encrypt certificates are issued for 3 months) and the relying party warranty they have. The Let's Encrypt SSL certificates are a good option for mail servers, control panels, internal systems, and other types of administrative services, but using trusted SSL certificates is still an advantage for commercial websites.

Last modified: 2024-07-05