Manual Verification Scripting


I’m attempting to setup an automated process based on the --manual plugin since my servers exist in multiple hosts and we use docker extensively.

My issue at the moment is how to get the acme-challenge codes in an non-interactive manner. I would like to script something like:

$ letsencrypt -d -d --manual --get-challenge

that would return the challenge for each domain, I would parse and setup it as I desire, and then invoke:

$ letsencrypt -d -d --manual --check-challenge

and it would validate all the domains.

Also, where do I get a list of all cli options available? I know from examples of flags like “–email” or “–agree-tos” but I can’t find a complete list, for example I would love to skip the “your IP will be logged” dialog.


See and/or


Personally I would go with something like in your scenario. It’s a Ruby gem (=package), so you could write a Ruby script that takes care of the ACME bits and the other stuff you need to serve challenge files.

README contains a basic sample script. Getting the challenge file name and content is as simple as calling challenge.filename and challenge.file_content.

(Not to make this too Ruby-focused: There are similar libraries for other languages, take a look at the list of client implementations.)