GithubHelp home page GithubHelp logo

fransik / certbot-dns-transip Goto Github PK

View Code? Open in Web Editor NEW
4.0 1.0 2.0 123 KB

Certbot hook to solve a DNS-01 challenge using the TransIP API. Wildcard certs supported & Docker image available! :closed_lock_with_key:

License: MIT License

PHP 98.04% Dockerfile 1.96%
certbot letsencrypt transip transip-api dns-01 acme-v2 transip-api-v6

certbot-dns-transip's Introduction

Certbot DNS TransIP ๐Ÿ”

Release License CI Docker Image codecov

Looking for a way to get a Let's Encrypt (wildcard) certificate for the domain(s) that you registered with TransIP?

This script automates the process of completing a DNS-01 challenge for domains using the TransIP DNS service. The auth script is invoked by Certbot's --manual-auth-hook, which then creates the required challenge record using the TransIP API. After validation the --manual-cleanup-hook is invoked and the challenge record is removed again.

Requirements

  • A TransIP account with API access enabled
  • Docker or:
    • Certbot
    • Composer
    • PHP >= 7.3 with JSON and OpenSSL extensions enabled

Usage

This describes how to use the script via Docker. If you want to use the script on a system with Certbot & PHP installed follow these instructions.

  • Create a .env file with the following content:
TRANSIP_LOGIN=YOUR-LOGIN
TRANSIP_PRIVATE_KEY="-----BEGIN PRIVATE KEY-----XXXXX-----END PRIVATE KEY-----"
  • Make sure your entire private key is on a single line (removing all newlines/spaces) and between double quotes
  • Run:
docker run -it --rm \
    --env-file /path/to/.env \
    -v "/etc/letsencrypt:/etc/letsencrypt" \
    -v "/var/lib/letsencrypt:/var/lib/letsencrypt" \
    fransik/certbot-dns-transip

After validation succeeds (this can take up to 10 minutes) you can find the certificate here: /etc/letsencrypt/live.

Certificate renewal

Make sure the following command runs daily (via cron for example):

docker run --rm \
    --env-file /path/to/.env \
    -v "/etc/letsencrypt:/etc/letsencrypt" \
    -v "/var/lib/letsencrypt:/var/lib/letsencrypt" \
    fransik/certbot-dns-transip renew

Test certificate

To request a test certificate run:

docker run -it --rm \
    --env-file /path/to/.env \
    -v "/etc/letsencrypt:/etc/letsencrypt" \
    -v "/var/lib/letsencrypt:/var/lib/letsencrypt" \
    fransik/certbot-dns-transip certonly \
    --test-cert \
    --preferred-challenges=dns \
    --manual \
    --manual-auth-hook bin/auth \
    --manual-cleanup-hook bin/cleanup

Manual installation

  • Clone this repository
  • Run composer install --no-dev
  • Rename config.php.dist to config.php
  • Update config.php with your TransIP login name and private key
  • Run:
certbot certonly \
    --preferred-challenges=dns \
    --manual \
    --manual-auth-hook /path/to/certbot-dns-transip/bin/auth \
    --manual-cleanup-hook /path/to/certbot-dns-transip/bin/cleanup \
    -d example.com -d "*.example.com"

After validation succeeds (this can take up to 10 minutes) you can find the certificate here: /etc/letsencrypt/live.

Certificate renewal

Should be automatic on most systems that have the certbot package installed. See certbot docs.

Test certificate

To request a test certificate run:

certbot certonly \
    --test-cert \
    --preferred-challenges=dns \
    --manual \
    --manual-auth-hook /path/to/certbot-dns-transip/bin/auth \
    --manual-cleanup-hook /path/to/certbot-dns-transip/bin/cleanup \
    -d example.com -d "*.example.com"

certbot-dns-transip's People

Contributors

fransik avatar

Stargazers

avatar avatar avatar avatar

Watchers

avatar

Forkers

swipswaps xkp-visual-engineers

certbot-dns-transip's Issues

Er wordt geen dns-aanpassing gedaan

ik krijg standaard de foutmelding:

Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for
_acme-challenge.kodin-kauneus.net - check that a DNS record exists
for this domain

-Hans

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.