Automatic wildcard script


#1

I run the following command to create one certificate for multiple domains and wildcard subdomains:

sudo ~/certbot/letsencrypt-auto certonly --manual -d *.example1.com -d example1.com -d *.example2.info -d example2.info -d example3.com -d *.example3.com --agree-tos --manual-public-ip-logging-ok --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory

It works fine, but I need to add the DNS TXT records manually.

Is there a command to have the DNS TXT records added automatically? I assume there could be some hook to nsupdate.


#2

Hi,

It highly depends on your DNS provider… If you have API access for your DNS provider, you can try searching for an existing API script. Otherwise, you would want to find some other DNS provider with API access and CNAME _acme-challenge.yourhost.tld to that DNS provider to automate the process.

Thank you


#3

Certbot has a dynamic update plugin, but Certbot’s DNS plugins aren’t yet easy to install on all platforms. (In particular, certbot-auto doesn’t install them.) What OS are you using?

https://certbot-dns-rfc2136.readthedocs.io/en/latest/


#4

Do you run nsupdate locally? If so, you might just script two hooks (adding and removing the TXT RR) and use those scripts with --manual-auth-hook and --manual-cleanup-hook. For more info, see: https://certbot.eff.org/docs/using.html#pre-and-post-validation-hooks
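
The two-hook approach from the reply above, as an added example that is not part of the thread and not Certbot's own code: one script that builds the nsupdate batch from the CERTBOT_DOMAIN and CERTBOT_VALIDATION variables Certbot passes to manual hooks. The TSIG key path, the server address, the TTL, the wait time and the function name build_update are assumptions.

```shell
#!/bin/sh
# Added example: one script used as both Certbot manual hooks (add / delete).
set -eu
TSIG_KEY=/etc/letsencrypt/nsupdate.key   # assumed path; keep it mode 0600, root-only
DNS_SERVER=127.0.0.1                     # assumed: nsupdate talks to a local primary
TTL=60                                   # assumed: short TTL for challenge records

# build_update ACTION DOMAIN TOKEN: print an nsupdate batch, or return 1.
build_update() {
    action=$1
    name=${2#\*.}   # "*.example1.com" and "example1.com" validate at the same name
    token=$3
    # Reject anything that could add quotes, newlines or extra nsupdate commands.
    case $name in ''|*[!A-Za-z0-9.-]*) echo "bad domain" >&2; return 1 ;; esac
    case $token in ''|*[!A-Za-z0-9_-]*) echo "bad token" >&2; return 1 ;; esac
    case $action in add|delete) ;; *) echo "bad action" >&2; return 1 ;; esac
    printf 'server %s\n' "$DNS_SERVER"
    if [ "$action" = add ]; then
        # Plain add with no prior delete: the wildcard and the base domain each
        # need their own TXT value at this name, and both must coexist.
        printf 'update add _acme-challenge.%s. %s IN TXT "%s"\n' "$name" "$TTL" "$token"
    else
        # Delete only this value, not the whole TXT RRset.
        printf 'update delete _acme-challenge.%s. IN TXT "%s"\n' "$name" "$token"
    fi
    printf 'send\n'
}

# Act only when Certbot has set the hook environment.
if [ -n "${CERTBOT_DOMAIN:-}" ]; then
    batch=$(build_update "${1:-}" "$CERTBOT_DOMAIN" "${CERTBOT_VALIDATION:-}")
    printf '%s\n' "$batch" | nsupdate -k "$TSIG_KEY"
    # Assumed wait so secondaries can pick up the record before validation.
    if [ "${1:-}" = add ]; then sleep 10; fi
fi
```

Saved under a path of your choosing, it would be passed as --manual-auth-hook "/path/to/hook.sh add" and --manual-cleanup-hook "/path/to/hook.sh delete". Restricting the TSIG key on the DNS server to updates of the _acme-challenge TXT names limits what a leaked key can change.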

