Today I used a script (dl.eff.org/certbot-auto) to install a wildcard certificate on my Raspberry Pi and that went without problems.
Unfortunately, from what I’ve read I have to manually recreate the TXT record for verification with every renewal, something I would like to be done automatically with a script.
Since I have API access, I wrote a PHP script that uses CMD_API_DNS_CONTROL to add a TXT DNS record using values entered in the URL to the PHP-script.
Unfortunately I have yet to figure out how to delete old TXT records that way. Apparently adding a TXT-record with the same name doesn’t overwrite the old one and the delete-examples I found were written for other types of records, I can’t get those to work…
Plus, how can I get the certbot-auto script to call the PHP-script? --help doesn’t show the options --manual-auth-hook and --manual-cleanup-hook, if those can’t be used, then what?