Automate new DNS

We are using certbot 1.11.on Nginx 1.19.5. The installation is uses a SNAP file. Everything works fine.
We want to change to use dns-01 challenge and I have read the documentation at

We currently host 4 domains on the server and plan to use dns-01 challenge to add to existing

The documentation provides for:
certbot certonly
--dns-dnsmadeeasy-credentials ~/.secrets/certbot/dnsmadeeasy.ini
This is clear.
My question relates to automatic renewals. If I have run the above script, will the automatic renewal process see I have the two host records and automatically attempt to update them, or do I need to make changes at other places for the update to occur? Certbot tells me that the timer to renew is handled by systemctl snap.certbot.renew.timer.

Where is the script that snap.certbot.renew.timer runs, and what changes are needed to be made to this?


1 Like

The timer will renew the certificate for you. You don't need to set up renewal separately.

Once you've created the DME certificate, you can test out renewal with:

certbot renew --dry-run

I have setup my example test following the example given at

Prior to running the command I had run:

sudo snap install certbot-dns-dnsmadeeasy


snap set certbot trust-plugin-with-root=ok

When I run the command in the certbot example I receive the following error:

certbot: error: unrecognized arguments: --dns-dnsmadeeasy-credentials /root/.secret s/certbot/dnsmadeeasy.ini

Any ideas?

1 Like

It's not clear to me which order you ran these in, but the second command needs to go first.

Does that solve your problem?

1 Like

Yes! Great thanks! That fixed it.


Is there a command that I can use to tell certbot that I wish to change from http to dns-01?
What would the syntax be?


--preferred-challenges dns

thanks again. I will need to wait on auto-renewal to see that new renewals do this.

You can test renewing with --dry-run

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.