Certbot Plugin to handle DNS-01 challenges for bawue.net managed domains
pip install 'git+https://github.com/bawuenet/certbot-dns-bawuenet'
In case certbot plugins does not show the installed plugin, verify using pip show certbot-dns-bawuenet where it was installed.
If it has been installed to /usr/local/lib/python*/site-packages certbot might not find it. Either symlink to
/usr/lib/python*/site-packages or reinstall using the --prefix parameter:
pip install --prefix=/usr 'git+https://github.com/bawuenet/certbot-dns-bawuenet'
To start using DNS authentication for bawuenet, pass the following arguments on certbot's command line:
| Option | Description |
|---|---|
--authenticator dns-bawuenet |
select the authenticator plugin (Required) |
--dns-bawuenet-credentials FILE |
bawue.net credentials INI file. (Required) |
--dns-bawuenet-propagation-seconds NUM |
waiting time for DNS to propagate before asking the ACME server to verify the DNS record. (Default: 5, Recommended: >= 600) |
--dns-bawuenet-wait |
wait until the change is actually present in DNS which has the benefit of not having to set a large propagation delay. |
Credentials are stored in an .ini file and referenced using the --dns-bawuenet-credentials parameter.
# MyBawue credentials used by Certbot
dns_bawuenet_username = bawueuser
dns_bawuenet_password = geheim
certbot -v \
certonly \
--authenticator dns-bawuenet \
--dns-bawuenet-credentials /root/bwn.ini \
--dns-bawuenet-wait \
-d 'test.example.net'