Hello. Not sure if this is a good place to ask for help or not. Hopefully it is.
I am using ZeroSSL installed on a Win2016 server to get a wildcard certificate. The cert is being used for some RDS stuff. I’ve got things working and know how to generate the cert and load it where necessary using PowerShell. My issue now is automating the renewal process. Wildcard certs require a client that supports API 2 (like ZeroSSL) and have to be done through DNS. That DNS verification process is where I’m having trouble. I believe on Linux there are some clients that have things built already to automate the process as long as your DNS provider has an API for updating records. But from what I can tell ZeroSSL doesn’t have anything like that.
My DNS provider is CloudFlare, which from what I can see has an API for deleting/adding/editing DNS records using your email and API Key. I’ve also found a decent amount of info on doing this from a Windows Server using PowerShell.
So if the ZeroSSL client doesn’t provide the necessary hooks into CloudFlare, I’m thinking it would be possible to output the DNS challenge TXT record from ZeroSSL and “feed” it to a different PowerShell script. The ZeroSSL client would have to stay open and wait a bit for the TXT record to get added and then finish checking and return an appropriate response that it completed correctly.
Does anyone know if what I want to do is possible or already exists (for wildcards & DNS verification)? Anyone have any insight on how to get the ZeroSSL client to “output” the DNS TXT record so it can be used by a different script? The ZeroSSL docs feel a bit…sparse…when it comes to stuff like this.
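Added example, not part of the original post and not ZeroSSL's own code: a sketch of the "different PowerShell script" side of the idea above, which publishes the challenge TXT record through the Cloudflare v4 API, waits until it resolves, and removes it afterwards. It assumes the email plus API key header authentication mentioned in the post and that the TXT value has already been obtained from the ACME client; the zone name, resolver and all values are placeholders.

```powershell
# Added example. Assumptions: the caller supplies the zone, credentials and the
# TXT value requested by the ACME client; nothing here talks to ZeroSSL itself.
$ErrorActionPreference = 'Stop'
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$Api = 'https://api.cloudflare.com/client/v4'

function Get-CfHeaders([string]$Email, [string]$ApiKey) {
    # The key can edit every record in the account: keep it out of the script file.
    @{ 'X-Auth-Email' = $Email; 'X-Auth-Key' = $ApiKey }
}

function Add-AcmeTxtRecord {
    param([string]$Zone, [string]$Token, [hashtable]$Headers)
    $zoneId = (Invoke-RestMethod -Uri "$Api/zones?name=$Zone" -Headers $Headers).result[0].id
    if (-not $zoneId) { throw "Zone $Zone not found for this account" }
    # A wildcard for *.example.com is validated at _acme-challenge.example.com.
    $name = "_acme-challenge.$Zone"
    $body = @{ type = 'TXT'; name = $name; content = $Token; ttl = 120 } | ConvertTo-Json
    $rec  = Invoke-RestMethod -Method Post -Uri "$Api/zones/$zoneId/dns_records" `
                -Headers $Headers -ContentType 'application/json' -Body $body
    [pscustomobject]@{ ZoneId = $zoneId; RecordId = $rec.result.id; Name = $name }
}

function Wait-AcmeTxtRecord {
    param([string]$Name, [string]$Token, [int]$TimeoutSec = 300, [string]$Resolver = '1.1.1.1')
    $deadline = (Get-Date).AddSeconds($TimeoutSec)
    while ((Get-Date) -lt $deadline) {
        # Ask a public resolver so a stale local cache cannot give a false answer.
        $txt = Resolve-DnsName -Name $Name -Type TXT -Server $Resolver -DnsOnly -ErrorAction SilentlyContinue
        if ($txt.Strings -contains $Token) { return $true }
        Start-Sleep -Seconds 10
    }
    return $false
}

function Remove-AcmeTxtRecord {
    param($Record, [hashtable]$Headers)
    $uri = "$Api/zones/$($Record.ZoneId)/dns_records/$($Record.RecordId)"
    Invoke-RestMethod -Method Delete -Uri $uri -Headers $Headers | Out-Null
}

# Usage (placeholder values):
#   $h = Get-CfHeaders -Email 'admin@example.com' -ApiKey $env:CF_API_KEY
#   $r = Add-AcmeTxtRecord -Zone 'example.com' -Token '<TXT value from the client>' -Headers $h
#   try   { if (-not (Wait-AcmeTxtRecord -Name $r.Name -Token '<same value>')) { throw 'TXT not visible' }
#           <# let the ACME client finish verification here #> }
#   finally { Remove-AcmeTxtRecord -Record $r -Headers $h }
```

The `finally` block in the usage sketch removes the challenge record even when verification fails, so stale `_acme-challenge` entries do not accumulate in the zone.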