Robin Thoni 7 роки тому
джерело
коміт
60e7fba5b1
1 змінених файлів з 40 додано та 0 видалено
  1. 40
    0
      README.md

+ 40
- 0
README.md Переглянути файл

@@ -0,0 +1,40 @@
1
+certbot-pdns
2
+============
3
+
4
+Authenticator plugin for certbot (https://certbot.eff.org/).
5
+
6
+Perform a DNS-01 challenge using TXT record in a PowerDNS (https://doc.powerdns.com/md/)
7
+
8
+The advantages are:
9
+ - No need to configure your web server to serve challenges
10
+ - Web server not even needed
11
+ - Can generate certificate for internal hosts that are not exposed to the Internet
12
+ - A or CNAME record not even needed. Only the TXT record added by certbot-pdns matters.
13
+
14
+Installation
15
+------------
16
+
17
+Install or upgrade certbot:
18
+
19
+`pip install -U certbot`
20
+
21
+Install certbot-pdns from sources:
22
+
23
+`python setup.py install`
24
+
25
+Check that `certbot-pdns:auth` is listed when executing `certbot --text plugins`
26
+
27
+Configuration
28
+-------------
29
+
30
+Configuration file: `/etc/letsencrypt/certbot-pdns.json`:
31
+ - api-key: Your PowerDNS API Key as specified in property `api-key` in file `/etc/powerdns/pdns.conf`
32
+ - base-url: The base URL for PowerDNS API. Require `api=yes` and `api-readonly=no` in file `/etc/powerdns/pdns.conf`
33
+ - axfr-time: The time in seconds to wait for zone replication in slaves. Can be set to 0 if there is only one authoritative server for the zone.
34
+
35
+Usage
36
+-----
37
+
38
+Use certbot as usual but specify `--authenticator certbot-pdns:auth certonly`:
39
+
40
+`certbot --agree-tos --text --renew-by-default --authenticator certbot-pdns:auth certonly -d example.com -d www.example.com`

Завантаження…
Відмінити
Зберегти