Background: I want to automate my wildcard certificate through NameCheap DNS provider. I would like to use Standalone DNS Authenticator plugin for Certbot to accomplish this. However, there seems to be a gap between the "old" certbot-auto framework and this new Snap-based installation. I am using other Namecheap dns features (email forwarding, for example) so switching to digitalocean name services is undesirable. None of the other certbot installation methods appear to be supported...
How can I use (or modify) the existing third-party DNS plugin to work in a modern (2022) certbot installation?
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
mycology.zone
I ran this command:
snap install certbot-dns-standalone
It produced this output:
error: snap "certbot-dns-standalone" not found
My web server is (include version):
nginx/1.18.0
The operating system my web server runs on is (include version):
Debian GNU/Linux 11 (bullseye)
My hosting provider, if applicable, is:
digitalocean
I can login to a root shell on my machine (yes or no, or I don't know):
yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 1.27.0
I don't have access to snap, so I can't test anything with it, but doesn't the snap Python also use the local machines Python path to search for possible libraries?
I am willing to modify the project to work with the current framework, but I'm kind of lost in the developer documentation. Any pointers to getting started, that aren't outdated? There's not a clear line between the "old" and "new" frameworks.
I don't see any way to automate any of these with NameCheap DNS.
No, do you have any pointers? I don't want to manually intervene evrery 2-3 months. I am open to other solutions.
I have no idea how to answer this question... I tried installing the plugin with pip3 and the certbot didn't find it... beyond that i'm lost! Do you have any pointers to more information about this?
This looks promising! I thought I couldn't get namecheap API access (https://www.namecheap.com/support/knowledgebase/article.aspx/9739/63/api-faq/#c), but it looks like I can add $50 to my account to turn it on. Alternatively I might be able to do a standalone dns server like the plugin I referenced, using this acme client. Thanks for the link! I'll update with my results.
It does indeed.. If the Python versions differ between Snaps version and the local system version, it wouldn't work I think. But if the local system happens to also have libraries for the same Python version as Snap, why wouldn't it be able to work?
I myself won't be using snap also. I can't even run it on my OpenRC Gentoo. And I don't want to use it. Terrible waste of resources, those containers containing everything.
I mentioned that I'm using other Namecheap features that make this undesirable.. such as their email forwarding service. If automating the wildcard certificates proves infeasible, I'll change nameservers.
Good to know... the official docs say "installing Certbot through pip is only supported on a best effort basis and when using a virtual environment," which was rather offputting. With your testimonial, I'll give pip a shot.
It's not ideal, especially regarding updating et cetera, which has to be done manually within the virtual environment. But it's also certainly not impossible and sometimes one of the only viable methods.
