Certbot DNS-01 validation for wildcard certificates (ACME-v2)
certbot-transip-dns-01-validator

I created this script to request wildcard SSL certificates from Let's Encrypt. You are required to do a DNS-01 challenge, for which you need to create a DNS (TXT) record. TransIP has an API that lets you automate this. When you renew your certificate, the DNS-01 challenge has to be performed again, so this should happen automatically.

Requirements

  • PHP with XML and SOAP extensions enabled
  • At least Certbot v0.22 for ACME-v2 support

Installation

  • Download the TransIP API and extract the "Transip" folder in this project's directory
  • Acquire an API key for TransIP in your account on their website
  • Edit Transip/ApiSettings.php and set your login and private key. Restrict access to this file so that only your user can read it (on Linux: chmod og-rwx Transip/ApiSettings.php)
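
A pre-flight check for the permission step above, as an added example that is not part of this project. It assumes the project directory holds Transip/ApiSettings.php, auth-hook and cleanup-hook as described here; the function names are hypothetical, and the check that hooks are not group- or world-writable goes beyond what this README asks for.

```shell
#!/bin/sh
# Added example, not part of the project. Function names are hypothetical.
# Assumes the layout from this README: <dir>/Transip/ApiSettings.php,
# <dir>/auth-hook and <dir>/cleanup-hook.
# Usage: preflight /path/to && certbot ... certonly --manual ...

# Print the nine permission characters of a path, e.g. "rw-------".
perm_string() {
    ls -ld "$1" | cut -c2-10
}

# The settings file holds the TransIP private key: it must exist, be owned
# by the current user and grant nothing to group or others.
check_settings() {
    f=$1
    [ -f "$f" ] || { echo "missing: $f" >&2; return 1; }
    [ -O "$f" ] || { echo "not owned by current user: $f" >&2; return 1; }
    case "$(perm_string "$f")" in
        ???------) return 0 ;;
        *) echo "group/other access on $f; run: chmod og-rwx $f" >&2
           return 1 ;;
    esac
}

# Certbot executes the hooks, so they must be executable and must not be
# writable by group or others (extra hardening, not required by the README).
check_hook() {
    f=$1
    [ -x "$f" ] || { echo "not executable: $f" >&2; return 1; }
    case "$(perm_string "$f")" in
        ????w????|???????w?) echo "group/other can modify $f" >&2; return 1 ;;
    esac
    return 0
}

# Run every check, report all problems, return non-zero if any check failed.
preflight() {
    dir=$1
    rc=0
    check_settings "$dir/Transip/ApiSettings.php" || rc=1
    for h in auth-hook cleanup-hook; do
        check_hook "$dir/$h" || rc=1
    done
    return $rc
}
```

Source the file and call preflight with the project path before the certbot command, and again from whatever job runs the renewal.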

Request a wildcard certificate

Use this command to request the certificate. Replace "/path/to/" with the actual path on your computer.

certbot --server https://acme-v02.api.letsencrypt.org/directory \
certonly --manual --preferred-challenges=dns \
--manual-auth-hook /path/to/auth-hook \
--manual-cleanup-hook /path/to/cleanup-hook \
-d 'domain.com' -d '*.domain.com'

If you need to do some testing, use the Let's Encrypt staging environment:

--server https://acme-staging-v02.api.letsencrypt.org/directory