Vous ne pouvez pas sélectionner plus de 25 sujets
Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
Robin Thoni
5d1e939120
pycharm files
|
il y a 7 ans | |
|---|---|---|
| .idea | il y a 7 ans | |
| certbot_pdns | il y a 7 ans | |
| .gitignore | il y a 7 ans | |
| README.md | il y a 7 ans | |
| certbot-pdns.json | il y a 7 ans | |
| setup.cfg | il y a 7 ans | |
| setup.py | il y a 7 ans |
README.md
README.md
certbot-pdns
Authenticator plugin for certbot (https://certbot.eff.org/).
Perform a DNS-01 challenge using TXT record in a PowerDNS (https://doc.powerdns.com/md/)
The advantages are:
- No need to configure your web server to serve challenges
- Web server not even needed
- Can generate certificate for internal hosts that are not exposed to the Internet
- A or CNAME record not even needed. Only the TXT record added by certbot-pdns matters.
Installation
Install or upgrade certbot:
pip install -U certbot
Install certbot-pdns from sources:
python setup.py install
Check that certbot-pdns:auth is listed when executing certbot --text plugins
Configuration
Configuration file: /etc/letsencrypt/certbot-pdns.json:
- api-key: Your PowerDNS API Key as specified in property
api-keyin file/etc/powerdns/pdns.conf - base-url: The base URL for PowerDNS API. Require
api=yesandapi-readonly=noin file/etc/powerdns/pdns.conf - axfr-time: The time in seconds to wait for zone replication in slaves. Can be set to 0 if there is only one authoritative server for the zone.
Usage
Use certbot as usual but specify --authenticator certbot-pdns:auth certonly:
certbot --agree-tos --text --renew-by-default --authenticator certbot-pdns:auth certonly -d example.com -d www.example.com