alt Hacker NewsFor LetsEncrypt, routing is authentication: if packets routed to the IP in the A record end up at your place, you can get a cert for that domain.
For LetsEncrypt, routing is authentication: if packets routed to the IP in the A record end up at your place, you can get a cert for that domain.
DNSSEC and DNS-01 challenges might do the trick at the cost of significant effort, provided LE could be directed to check, similar to the way MTA-STS works.