Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I ran this command: certbot certonly --manual --manual-auth-hook '/data/prod/acme-dns/acme-dns-certbot-hook -config /data/prod/nginx/certbot/vicimus-me.json' --preferred-challenges dns -d *.vicimus.me
It produced this output: To be honest I tried so many things I don’t even know what direction to go in now.
I have 2 web servers on AWS that point to a /data drive on GlusterFS where I load my web content. Originally I had certbot running in Docker, but now I would like to have it run on a standalone machine where the certs will be able to auto-renew.
I spent a few days trying to get acme-dns to work because I read that GoDaddy does not have a DNS plugin and my employer has many domains there. At this point I would like to resolve this in the easiest way possible.
My web server is (include version): Nginx
The operating system my web server runs on is (include version): Ubuntu 18
My hosting provider, if applicable, is: AWS
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.31.0
Since you mentioned GoDaddy DNS, you could try to use the GoDaddy DNS API (if you have access to it) and use a manual auth hook to update DNS records.
Here’s a tutorial from a search engine that might help you achieve what you need (since I don’t have a GoDaddy-registered domain, I’m not sure if that’ll work or not):
P.S. You could use CNAME records to CNAME _acme-challenge.domain.tld to a domain that you could automate. (For example, CNAME _acme-challenge.domain.com to dm-acme.vicimus.me and add TXT records to dm-acme.vicimus.me)
Where can I find an example of a --manual-auth script to work with the DNS challenge? I saw one that was written for the webroot option. I tried to modify it but was not successful.
I am giving dns-route53 a test and pointing to the current config folder. I was wondering if any of the following in my cert-domain.conf needs to be changed? I already have an account from doing the process manually when it was set up with Docker. Should I disregard the account info and just try to get a new cert… what is the recommended way?
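An added example, not part of any post in this thread and not code from certbot or acme-dns: a `--manual-auth-hook` for the DNS-01 challenge that publishes the TXT record in Route 53 through the AWS CLI, covering both the hook question and the Route 53 test above. `CERTBOT_DOMAIN` and `CERTBOT_VALIDATION` are the variables certbot exports to hooks; `HOSTED_ZONE_ID` and the function names are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example: certbot --manual-auth-hook for DNS-01 via the AWS CLI.
# certbot exports CERTBOT_DOMAIN and CERTBOT_VALIDATION to the hook.
# HOSTED_ZONE_ID is an assumption: export the ID of the zone that holds
# the _acme-challenge record, using credentials limited to that zone.

# TXT record name for a domain. A wildcard is validated at the base
# name, so a leading "*." is dropped if present.
challenge_name() {
    local domain="${1#\*.}"
    printf '_acme-challenge.%s.' "${domain%.}"
}

# Both values are interpolated into JSON below, so accept only a plain
# record name and a base64url token.
valid_inputs() {
    case "$1" in ''|*[!A-Za-z0-9._-]*) return 1 ;; esac
    case "$2" in ''|*[!A-Za-z0-9_-]*) return 1 ;; esac
}

# Route 53 change batch; TXT values must carry their own double quotes.
change_batch() {
    printf '{"Changes":[{"Action":"%s","ResourceRecordSet":{"Name":"%s","Type":"TXT","TTL":60,"ResourceRecords":[{"Value":"\\"%s\\""}]}}]}' "$1" "$2" "$3"
}

# UPSERT replaces the record, which suits a single name such as the
# wildcard-only request in this thread. A certificate for both
# example.com and *.example.com needs two values at the same name.
publish_challenge() {
    local name batch id
    name=$(challenge_name "$CERTBOT_DOMAIN")
    valid_inputs "$name" "$CERTBOT_VALIDATION" || {
        echo "unexpected CERTBOT_DOMAIN/CERTBOT_VALIDATION" >&2; return 1; }
    batch=$(change_batch UPSERT "$name" "$CERTBOT_VALIDATION")
    id=$(aws route53 change-resource-record-sets \
        --hosted-zone-id "${HOSTED_ZONE_ID:?set HOSTED_ZONE_ID}" \
        --change-batch "$batch" --query ChangeInfo.Id --output text) || return 1
    # Block until Route 53 reports the change as INSYNC.
    aws route53 wait resource-record-sets-changed --id "$id"
}

# Run only when certbot invokes the hook.
if [ -n "${CERTBOT_DOMAIN:-}" ] && [ -n "${CERTBOT_VALIDATION:-}" ]; then
    publish_challenge
fi
```

The same `change_batch` output with `DELETE` as the action can back a `--manual-cleanup-hook`, so the challenge record does not stay published after issuance.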