Wildcard cert will not renew --dnssleep arg won't work

Exactly! And I have my mail with 360 from day one - they offer a limited free 5 inboxes which I occasionally use so I do not have to deal with administering mail on my server and still use my domain name with it. Otherwise I would've left them in a heartbeat a while ago.

Doesn't Yandex 360 have an API to change the DNS settings? If so, maybe acme.sh and other plugins like certbot-dns-yandex could use that API.

3 Likes

Well, the problem is that the support on my free account is bot-based only and that sucker does not know anything about it. The other option is to dig through their docs, which I am doing as we speak, to no avail so far.

1 Like

That's the best I could get - no direct access, only via Mail in 360 click. I'll try and see if I can use Yandex for Mail and Cloudflare for the certs so I can kill 2 birds with one stone.

Looks like a solution click. Upgraded the script - same error though

That script hasn't been added to acme.sh, yet.

You could download the file from the PR (https://raw.githubusercontent.com/acmesh-official/acme.sh/10622d1863a8f0aae033d73b0fe8d31246cca8e4/dnsapi/dns_yandex360.sh) and put it in the dnsapi directory of your acme.sh (no clue where that would be though).

And use the dns-yandex360 DNS authenticator.

3 Likes

But I will have to import the token and ID first before running the script though click

acme.sh is in the root directory - but will I have to remove the old ppd first, or does the script do both? I asked them on GitHub, so it looks like a solution is close - will get back to it tomorrow.

Well I replaced dns_yandex.sh with dns_yandex360.sh then I ran the same command and getting this error:
Pending, The CA is processing your order, please just wait. (1/30)
*.vadim.com.ru:Verify error:DNS problem: NXDOMAIN looking up TXT for _acme-challenge.vadim.com.ru - check that a DNS record exists for this domain
Please add '--debug' or '--log' to check more details.
And the --dnssleep won't work again.

When I re-run it spits out new TXT values for dns which --dnssleep should wait for:
Renew: '*.vadim.com.ru'
[Wed May 24 08:23:27 MSK 2023] Renew to Le_API=https://acme-v02.api.letsencrypt.org/directory
[Wed May 24 08:23:28 MSK 2023] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Wed May 24 08:23:28 MSK 2023] Multi domain='DNS:*.vadim.com.ru,DNS:vadim.com.ru'
[Wed May 24 08:23:28 MSK 2023] Getting domain auth token for each domain
[Wed May 24 08:23:31 MSK 2023] Getting webroot for domain='*.vadim.com.ru'
[Wed May 24 08:23:31 MSK 2023] Getting webroot for domain='vadim.com.ru'
[Wed May 24 08:23:31 MSK 2023] Can not find dns api hook for: dns_yandex
[Wed May 24 08:23:31 MSK 2023] You need to add the txt record manually.
[Wed May 24 08:23:31 MSK 2023] Add the following TXT record:
[Wed May 24 08:23:31 MSK 2023] Domain: '_acme-challenge.vadim.com.ru'
[Wed May 24 08:23:31 MSK 2023] TXT value: '_j6SYWZ8XE1S9tSPweKGFW2fV_npZiQJMyIzct9x8PI'
[Wed May 24 08:23:31 MSK 2023] Please be aware that you prepend _acme-challenge. before your domain
[Wed May 24 08:23:31 MSK 2023] so the resulting subdomain will be: _acme-challenge.vadim.com.ru
[Wed May 24 08:23:31 MSK 2023] Can not find dns api hook for: dns_yandex
[Wed May 24 08:23:31 MSK 2023] You need to add the txt record manually.
[Wed May 24 08:23:31 MSK 2023] Add the following TXT record:
[Wed May 24 08:23:31 MSK 2023] Domain: '_acme-challenge.vadim.com.ru'
[Wed May 24 08:23:31 MSK 2023] TXT value: '7bb6E1ScmUjkyJgCKi47yZ6pPbMqQwJEFRAb-IGEc-s'
[Wed May 24 08:23:31 MSK 2023] Please be aware that you prepend _acme-challenge. before your domain
[Wed May 24 08:23:31 MSK 2023] so the resulting subdomain will be: _acme-challenge.vadim.com.ru
[Wed May 24 08:23:31 MSK 2023] Please add the TXT records to the domains, and re-run with --renew.
[Wed May 24 08:23:31 MSK 2023] Please add '--debug' or '--log' to check more details.
[Wed May 24 08:23:31 MSK 2023] See: How to debug acme.sh · acmesh-official/acme.sh Wiki · GitHub

And if I add them manually, they come back with the previous error - running in circles.

You probably also need to update the acme.sh command you're using to have the "360" in it somewhere.

I don't have experience with acme.sh, so I'm only able to provide limited help with that.

3 Likes

Well I haven't seen any notice of that so I just use the same command - it should pick up by the name I think

The log says otherwise and I think the code is just looking for the file DNSOPTION.sh in the dnsapi directory where DNSOPTION is whatever you put after --dns. With maybe some - to _ changes. Or not. I dunno.

If I look at the dns_yandex360.sh code I don't see anything like code that "registers" the plugin under the dns_yandex name. So I believe it's all just based on the filename.

3 Likes
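A check for the filename-based lookup discussed in the posts above, as an added example that is not part of the thread or of acme.sh itself. It assumes a hook named NAME lives at `<dnsapi dir>/NAME.sh` and defines `NAME_add` and `NAME_rm`; the function name `check_dns_hook` and the demo files are constructed for illustration.

```shell
#!/bin/sh
# Added example: does a --dns value resolve to a usable hook file?
# Assumption: hook NAME is the file <dnsapi dir>/NAME.sh and must define
# NAME_add() and NAME_rm(). acme.sh may search more locations than this.

# check_dns_hook DNSAPI_DIR HOOK_NAME
# Returns 0 if usable, 1 if the file is missing, 2 if a function is missing.
check_dns_hook() {
  dir=$1
  hook=$2
  file="$dir/$hook.sh"
  if [ ! -f "$file" ]; then
    echo "missing: $file (expect 'Can not find dns api hook for: $hook')"
    return 1
  fi
  for fn in "${hook}_add" "${hook}_rm"; do
    if ! grep -Eq "^[[:space:]]*${fn}[[:space:]]*\(\)" "$file"; then
      echo "incomplete: $file does not define $fn()"
      return 2
    fi
  done
  echo "ok: $file defines ${hook}_add() and ${hook}_rm()"
  return 0
}

# Constructed demo: a stub hook file in a temporary dnsapi directory.
demo() {
  tmp=$(mktemp -d) || return 1
  mkdir -p "$tmp/dnsapi"
  cat > "$tmp/dnsapi/dns_yandex360.sh" <<'EOF'
#!/usr/bin/env sh
dns_yandex360_add() { return 0; }
dns_yandex360_rm() { return 0; }
EOF
  check_dns_hook "$tmp/dnsapi" dns_yandex    || true  # old name: no such file
  check_dns_hook "$tmp/dnsapi" dns_yandex360 || true  # matches the file name
  check_dns_hook "$tmp/dnsapi" dns-yandex360 || true  # hyphenated: no such file
  rm -rf "$tmp"
}

demo
```

Before trusting a hook file downloaded from a pull request with an API token, read it; this check only confirms the name and entry points line up.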

I just tried running like this: acme.sh --renew --dns dns_yandex360 -d '*.vadim.com.ru' -d vadim.com.ru --dnssleep 3600 - same error and no timeout for sleep arg. I am all confused now - the script is there but does not work. Need a break

Could you provide the (error) log for the new command?

3 Likes

Yes in a bit - I stepped out - it is here <=== The debug run

I've got an answer from Yandex confirming that they do use the new API, with a link to its page. That's all.

What is the link they provided?
Does it work for you?

4 Likes

@Neilpang can you weigh in on this, please?

3 Likes

The --dnssleep 600 parameter is working as expected for me.

5 Likes

Here is a PR for the new Yandex API:

You can try it on your side.

6 Likes