The procedure to obtain certficate with dns is quite cumbersome and need to be repeated manually every 2-3month.
Basically we need to run ```docker run -i -t certbot/certbot certonly --manual -m firstname.lastname@example.org --agree-tos -d ldap.jenkins.io --preferred-challenges dns```
while the command is running, we need to create a dns TXT record then we can finish the procedure.
Each time we run this command, it generate a new TXT record value that need to be configured.
If ldap had public ip and no webserver running on it, we can use standalone mode to request a new certificate