Certbot DNS-01 validation for wildcard certificates (ACME-v2)
I created this script to request wildcard SSL certificates from Let's Encrypt. You are required to do a DNS-01 challenge for which you need to create a DNS (TXT) record. TransIP has an API which allows you to automate this. When you need to renew your certificate you also need to perform the DNS-01 challenge again. This should happen automatically.
- PHP with XML and SOAP extensions enabled
- At least Certbot v0.22 for ACME-v2 support
- Download the TransIP API and extract the "Transip" folder in this project's directory
- Acquire an API key for TransIP in your account on their website
- Edit Transip/ApiSettings.php and set your login and private key. Restrict access to this file so that only your user can read its contents (on Linux: chmod og-rwx Transip/ApiSettings.php)
Request a wildcard certificate
Use this command to request the certificate. Replace "/path/to/" with the actual path on your computer.
    certbot --server https://acme-v02.api.letsencrypt.org/directory \
        certonly --manual --preferred-challenges=dns \
        --manual-auth-hook /path/to/auth-hook \
        --manual-cleanup-hook /path/to/cleanup-hook \
        -d 'domain.com' -d '*.domain.com'
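A pre-flight guard that an auth hook could run before it uses the TransIP private key, added here as an example and not part of this project's hooks: it refuses to continue when Transip/ApiSettings.php is accessible to group or others, and derives the TXT record name for the challenge. The function names are hypothetical; CERTBOT_DOMAIN and CERTBOT_VALIDATION are the environment variables Certbot sets for manual hooks.

```shell
#!/bin/sh
# Added example: pre-flight checks for a Certbot manual auth hook.
# Function names are hypothetical, not part of this project's hooks.

# True only if the file exists and group/other have no permission bits,
# which is the state "chmod og-rwx" leaves behind.
settings_file_is_private() {
    [ -f "$1" ] || return 1
    # First 10 characters of ls -l: file type, then rwx for user, group, other.
    mode=$(ls -ld -- "$1" | cut -c1-10)
    case "$mode" in
        ????------) return 0 ;;
        *) return 1 ;;
    esac
}

# Prints the TXT record name for a domain. 'domain.com' and '*.domain.com'
# are both validated at _acme-challenge.domain.com, so a leading "*." is dropped.
challenge_record_name() {
    case "$1" in
        '*.'*) printf '_acme-challenge.%s\n' "${1#??}" ;;
        *) printf '_acme-challenge.%s\n' "$1" ;;
    esac
}

# A DNS-01 value is an unpadded base64url SHA-256 digest: 43 chars of [A-Za-z0-9_-].
validation_looks_sane() {
    [ "${#1}" -eq 43 ] || return 1
    case "$1" in
        *[!A-Za-z0-9_-]*) return 1 ;;
    esac
    return 0
}

# Usage inside a hook: name=$(preflight Transip/ApiSettings.php) || exit 1
preflight() {
    if ! settings_file_is_private "$1"; then
        echo "refusing to run: $1 is missing or accessible to group/other" >&2
        return 1
    fi
    if [ -z "${CERTBOT_DOMAIN:-}" ] || ! validation_looks_sane "${CERTBOT_VALIDATION:-}"; then
        echo "refusing to run: CERTBOT_DOMAIN/CERTBOT_VALIDATION missing or malformed" >&2
        return 1
    fi
    challenge_record_name "$CERTBOT_DOMAIN"
}
```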
If you need to do some testing use the staging environment from Let's Encrypt: