POST-Autorenewing wildcard LetsEncrypt certificates on Namecheap using certbot + acme-dns

blog.bryanroessler.com/_posts/2019-02-09-automatic-certbot-namecheap-acme-dns.md

@@ -94,7 +94,7 @@ Restart=on-failure
 WantedBy=multi-user.target
 ```
 
-Note (Ubuntu 17.04+): you can security-harden the above script on distros running newer kernels by executing as a non-privileged user in conjunction with the `AmbientCapabilities=CAP_NET_BIND_SERVICE` line. However, older kernels will cause systemd to choke on that line during service startup. If you choose to execute as a non-root user make sure to chown the `/etc/acme-dns/` and `/var/lib/acme-dns` directories!
+Note (Ubuntu 18.04+): you can security-harden the above script on distros running newer kernels by executing as a non-privileged user in conjunction with the `AmbientCapabilities=CAP_NET_BIND_SERVICE` line. However, older kernels will cause systemd to choke on that line during service startup. If you choose to execute as a non-root user make sure to chown the `/etc/acme-dns/` and `/var/lib/acme-dns` directories!
 
  4. Enable the service to run on startup and run it now: `sudo systemctl daemon-reload && sudo systemctl enable --now acme-dns.service`
 
@@ -104,8 +104,8 @@ Great, now you've got a DNS authentication server that can respond to ACME chall
 
 You will need to add two DNS records:
 
-1. an NS record for acme.<yoursite\>.com pointing to ns1.acme.\<yoursite\>.com
+1. an NS record for acme.<yoursite\>.com pointing to ns1.auth.\<yoursite\>.com
-2. a record for ns1.acme.<yoursite\>.com pointing to the public IP address of your host
+2. a record for ns1.auth.<yoursite\>.com pointing to the public IP address of your host
 
 Example: ![Example Namecheap DNS records](../assets/images/2019/02/example-namecheap-dns-records.png)