Hurricane Electric DNS Authenticator plugin for Certbot
Install cerbot-dns-he to your Certbot's environment with pip. For example, the line below works for me after running certbot-auto
.
$ sudo /opt/eff.org/certbot/venv/bin/pip install cerbot-dns-he
You can also use git+https://github.com/TSaaristo/certbot-dns-he.git
or clone the repository and install from the directory, but pip is recommended.
Create a configuration file with your username and password:
certbot_dns_he:dns_he_user = Me
certbot_dns_he:dns_he_pass = my HE password
and chmod it to 600
:
$ chmod 600 dns_he.ini
Then request a certificate with something like:
$ certbot-auto certonly \
-a certbot-dns-he:dns-he --certbot-dns-he:dns-he-propagation-seconds 30 \
--certbot-dns-he:dns-he-credentials /home/me/dns_he.ini -d 'mydomain.com,*.mydomain.com' \
--server https://acme-v02.api.letsencrypt.org/directory --agree-tos \
--manual-public-ip-logging-ok --preferred-challenges dns -m [email protected]
You're done!
--certbot-dns-he:dns-he-propagation-seconds
controls the duration waited for the DNS record(s) to propagate.--certbot-dns-he:dns-he-credentials
specifies the configuration file path.These are stored in cerbot's renewal configuration, so they'll work on your automatic renewals.