Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
Robin Thoni 5d1e939120 pycharm files il y a 7 ans
.idea pycharm files il y a 7 ans
certbot_pdns removed arguments short flag il y a 7 ans
.gitignore init il y a 8 ans
README.md README.md il y a 7 ans
certbot-pdns.json improved setup il y a 7 ans
setup.cfg improved setup il y a 7 ans
setup.py improved setup il y a 7 ans

README.md

certbot-pdns

Authenticator plugin for certbot (https://certbot.eff.org/).

Perform a DNS-01 challenge using TXT record in a PowerDNS (https://doc.powerdns.com/md/)

The advantages are:

  • No need to configure your web server to serve challenges
  • Web server not even needed
  • Can generate certificate for internal hosts that are not exposed to the Internet
  • A or CNAME record not even needed. Only the TXT record added by certbot-pdns matters.

Installation

Install or upgrade certbot:

pip install -U certbot

Install certbot-pdns from sources:

python setup.py install

Check that certbot-pdns:auth is listed when executing certbot --text plugins

Configuration

Configuration file: /etc/letsencrypt/certbot-pdns.json:

  • api-key: Your PowerDNS API Key as specified in property api-key in file /etc/powerdns/pdns.conf
  • base-url: The base URL for PowerDNS API. Require api=yes and api-readonly=no in file /etc/powerdns/pdns.conf
  • axfr-time: The time in seconds to wait for zone replication in slaves. Can be set to 0 if there is only one authoritative server for the zone.

Usage

Use certbot as usual but specify --authenticator certbot-pdns:auth certonly:

certbot --agree-tos --text --renew-by-default --authenticator certbot-pdns:auth certonly -d example.com -d www.example.com