Skip to content
This repository has been archived by the owner on Jun 13, 2022. It is now read-only.


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

letsencrypt-inwx CircleCI Docker Pulls

A small cli utility for automating the letsencrypt dns-01 challenge for domains hosted by inwx. This allows you to obtain wildcard certificates from letsencrypt.


Ubuntu / Debian

  • Build the .deb package or download it from releases and install it with sudo dpkg -i <path_to_the_deb_file>

Other linux

  • Build the executable or download it from releases and copy it to /usr/bin/
  • Copy both certbot scripts from ./etc/ to /usr/lib/letsencrypt-inwx/

With cargo

  • Run cargo install letsencrypt-inwx


You can store the configuration file at /etc/letsencrypt-inwx.json or at ~/.config/letsencrypt-inwx.json when used with certbot or specify it's path with the -c option. The configuration file should look like this (without the comments):

    "accounts": [
            "username": "user",
            "password": "pass",
            // optional, if the domain is not configured all accounts will be tried
            "domains": [
            // optional, if true the public inwx test server will be used
            "ote": false
    // optional
    "options": {
        // optional, if true letsencrypt-inwx will not wait until the created record is publicly visible, default: false
        "no_dns_check": false,
        // optional, the amount of time in seconds to wait after creating a record, default: 5 seconds
        "wait_interval": 5,
        // optional: the dns server to use, default: the google public dns server
        "dns_server": ""


With Docker and certbot

  • Generate your certificate by running docker run --rm -it -v /etc/letsencrypt-inwx.json:/etc/letsencrypt-inwx.json -v /etc/letsencrypt:/etc/letsencrypt kegato/letsencrypt-inwx certonly --email <your_email> --preferred-challenges=dns-01 --manual --manual-auth-hook /usr/lib/letsencrypt-inwx/certbot-inwx-auth --manual-cleanup-hook /usr/lib/letsencrypt-inwx/certbot-inwx-cleanup --manual-public-ip-logging-ok -d <your_domain>
  • You can find your certificate in /etc/letsencrypt/live/<your_domain>/
  • You can renew your certificate by running docker run --rm -it -v /etc/letsencrypt-inwx.json:/etc/letsencrypt-inwx.json -v /etc/letsencrypt:/etc/letsencrypt kegato/letsencrypt-inwx renew

With certbot

  • You can get certificates from certbot by running sudo certbot certonly -n --agree-tos --email <your_email> --preferred-challenges=dns-01 --manual --manual-auth-hook /usr/lib/letsencrypt-inwx/certbot-inwx-auth --manual-cleanup-hook /usr/lib/letsencrypt-inwx/certbot-inwx-cleanup --manual-public-ip-logging-ok -d <your_domain>


  • Create a txt record with letsencrypt-inwx create -c <config_file> -d _acme-challenge.<your_domain> -v <acme_token>
  • Delete it with letsencrypt-inwx delete -c <config_file> -d _acme-challenge.<your_domain>



libssl-dev and pkg-config are required when building on Ubuntu / Debian see here.

.deb package

  • Install cargo-deb by running cargo install cargo-deb
  • Run cargo deb to build the package

only the executable

  • Run cargo build --release to build the letsencrypt-inwx executable