Hello All,
I have a working letsencrypt system that works perfectly when using manual DNS challenges, and I am trying to convert it into an automated system.
Here is my creation/renewal command: # certbot certonly --manual --preferred-challenges dns --cert-name dom.tld -d *.dom.tld,dom.tld --manual-auth-hook /root/scripts/letsencrypt/dnsauthenticator.sh --manual-cleanup-hook /root/scripts/letsencrypt/cleanup.sh
I ran certbot renew and it gave me PluginError('An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.'). Skipping. in letsencrypt.log
I added the --manual-auth-hook to the command, but it seems like the $CERTBOT_DOMAIN variable is not populated.
Here is my dnsauthenticator.sh:
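#!/bin/bash
# CERTBOT_DOMAIN and CERTBOT_VALIDATION are expected from certbot's environment
CREATE_DOMAIN="_acme-challenge.$CERTBOT_DOMAIN"
# Log the record that is about to be created
echo "$(date) TXT record to create: $CREATE_DOMAIN IN TXT $CERTBOT_VALIDATION" >> /var/log/letsencrypt/letsencrypt.log
# Keep a per-domain copy of the record
echo "$CREATE_DOMAIN TXT $CERTBOT_VALIDATION" >> "/root/scripts/letsencrypt/records/$CERTBOT_DOMAIN"
#sleep 70
# Send the dynamic update to the name server
echo "server myNS.domain.tld
update add _acme-challenge.$CERTBOT_DOMAIN 600 TXT $CERTBOT_VALIDATION
send" | nsupdate
# Give the record time to propagate
sleep 60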
Currently I am using certbot certonly --manual --preferred-challenges dns --cert-name dom.tld -d *.dom.tld,dom.tld --manual-auth-hook /root/scripts/letsencrypt/dnsauthenticator.sh --manual-cleanup-hook /root/scripts/letsencrypt/cleanup.sh for creation and renewals, and I am wondering if there is a way to automate this. I do not intend to use HTTP for renewals because of my current infrastructure.
My system is running Debian buster: Linux HOSTNAME 4.19.0-4-amd64 #1 SMP Debian 4.19.28-2 (2019-03-15) x86_64 GNU/Linux
Help appreciated.
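
An added example, not part of the original post: one way to write the auth hook so that it refuses to run when certbot has not supplied CERTBOT_DOMAIN or CERTBOT_VALIDATION, signs the update with a TSIG key, and polls the name server for the record instead of sleeping a fixed time. The key file path, the `apply` argument and the function names are assumptions; the server name is the post's placeholder.

```bash
#!/bin/bash
# Added example, not the poster's script. NS_SERVER is the placeholder name
# from the post; TSIG_KEY is a hypothetical key file path.
set -u
NS_SERVER="myNS.domain.tld"
TSIG_KEY="/root/scripts/letsencrypt/tsig.key"
POLL_DELAY="${POLL_DELAY:-10}"   # seconds between lookups

# Emit the nsupdate batch, refusing empty or malformed hook variables.
build_update() {
    local domain="$1" token="$2"
    local host_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
    local token_re='^[A-Za-z0-9_-]{43}$'   # base64url of a SHA-256 digest
    [[ "$domain" =~ $host_re ]] || { echo "CERTBOT_DOMAIN empty or invalid" >&2; return 1; }
    [[ "$token" =~ $token_re ]] || { echo "CERTBOT_VALIDATION empty or invalid" >&2; return 1; }
    printf 'server %s\nupdate add _acme-challenge.%s 600 TXT "%s"\nsend\n' \
        "$NS_SERVER" "$domain" "$token"
}

# Ask the authoritative server directly; kept separate so it can be replaced.
lookup_txt() {
    dig +short TXT "_acme-challenge.$1" "@$NS_SERVER"
}

# Poll until the token is served, up to $3 lookups (default 12).
wait_for_txt() {
    local domain="$1" token="$2" tries="${3:-12}" i
    for ((i = 0; i < tries; i++)); do
        lookup_txt "$domain" | grep -qF "\"$token\"" && return 0
        sleep "$POLL_DELAY"
    done
    echo "TXT record for $domain not visible after $tries lookups" >&2
    return 1
}

main() {
    local batch
    # Build first, so a validation failure never reaches nsupdate.
    batch=$(build_update "${CERTBOT_DOMAIN:-}" "${CERTBOT_VALIDATION:-}") || return 1
    printf '%s\n' "$batch" | nsupdate -k "$TSIG_KEY" || return 1
    wait_for_txt "$CERTBOT_DOMAIN" "$CERTBOT_VALIDATION"
}

# Run only when invoked as "dnsauthenticator.sh apply".
if [ "${1:-}" = "apply" ]; then
    main || exit 1
fi
```

A non-zero exit from the hook makes the missing-variable case visible in certbot's output rather than producing a TXT record for a bare `_acme-challenge.` name.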