Documentation for DNS plugins and wildcard request is confusing

Sorry about not following the posting template but my question is about site documentation. As of 2018-09-07, this webpage:

https://certbot.eff.org/docs/using.html#dns-plugins

contains a table of plugins. The entry for “DNS plugins” contains this description:

“This category of plugins automates obtaining a certificate by modifying DNS records to prove you have control over a domain. Doing domain validation in this way is the only way to obtain wildcard certificates from Let’s Encrypt.”

That caused me confusion for a couple days because I saw many examples of people using the “manual” authenticator to obtain wildcard certificates.

Am I being too picky or should that description (… is the only way to obtain wildcard certificates…) be modified or elaborated?

Thanks.

I feel you’re right.

"modifying DNS records" is indeed the only way to get a wildcard certificate, but of course you can do it either using a DNS plugin or manually.

Maybe you can suggest a modification of this file https://github.com/certbot/certbot/blob/master/docs/using.rst#getting-certificates-and-choosing-plugins by opening an issue https://github.com/certbot/certbot/issues or by a PR?

Indeed, in its current form it’s incorrect. A little bit of nuance could improve it.

I think I may have written this text originally and “in this way” is meant to refer to DNS-01 challenges rather than to Certbot DNS plugins. I can see that that’s confusing in its context.

My first thought to improve clarity would be to remove the reference to wildcards from the ‘Notes’ column for the DNS Plugins row and associate it with the ‘dns-01’ occurrences in the ‘Challenge-type’ column.

Specifically, put a footnote symbol next to ‘dns-01’ wherever it occurs and add a table footnote indicating that ‘dns-01’ is the only challenge-type that can be used to obtain wildcard certs. Since only DNS Plugins and Manual allow that challenge-type, they are the only ones that can be used for wildcard certificates.

Maybe there is something better.

I could try to open an issue as was suggested, but hopefully there is someone (Certbot engineer above?) who knows that process better than I who could do that. Not trying to duck out of work but I’ve never done that.
