Quick hack to use letsencrypt DNS challenge with dnsimple
Ruby
Latest commit 4d92593 Dec 3, 2016 @danp committed on GitHub Merge pull request #3 from tyrone-sudeium/master
Adds output file base override config option
Permalink
Failed to load latest commit information.
.gitignore
.ruby-version init Jan 28, 2016
Gemfile
Gemfile.lock use released acme-client Jan 29, 2016
LICENSE Initial commit Jan 28, 2016
README.md Adds output file base override config option Dec 3, 2016
main.rb Adds output file base override config option Dec 3, 2016

README.md

letsencrypt-dnsimple

Quick hack to use the letsencrypt DNS challenge with dnsimple.

Running with installed ruby

Requires ruby 2.3.0.

$ gem install bundler
$ bundle install
$ DNSIMPLE_API_USER=you@foo.org \
  DNSIMPLE_API_TOKEN=... \
  NAMES=foo.org,www/foo.org \
  ACME_CONTACT=mailto:you@foo.org \
  bundle exec ruby main.rb

.pem files will be written to files named after the value of NAMES, with the above config they would match foo.org_www.foo.org-*:

foo.org_www.foo.org-cert.pem
foo.org_www.foo.org-chain.pem
foo.org_www.foo.org-fullchain.pem
foo.org_www.foo.org-key.pem

Running with Docker

Check out https://github.com/meskyanichi/dockerized-letsencrypt-dnsimple which wraps this in a Docker container so a ruby install is not needed.

Config

Comes from the environment.

  • DNSIMPLE_API_USER and DNSIMPLE_API_TOKEN: get these from https://dnsimple.com/user
  • NAMES: a ,-separated list of names that will be in the requested cert. Use / instead of . to denote the separation between subdomain and dnsimple domain. For example, to request a cert for www.danp.net, where danp.net is the domain dnsimple knows about, you'd use www/danp.net.
  • ACME_CONTACT: the contact to use for registration
  • LETSENCRYPT_ENDPOINT: optional, defaults to the production endpoint at https://acme-v01.api.letsencrypt.org/
  • OUTPUT_FILE_BASE: optional, if specified, overrides the output filename base