Skip to main content

ACME-DNS DNS Authenticator plugin for Certbot

Project description

Build Status Coverage Status dependency status for latest release Quality Gate Status PyPI - Status PyPI - Python Version


ACME-DNS DNS Authenticator plugin for Certbot.

This plugin is built from the ground up and follows the development style and life-cycle of other certbot-dns-* plugins found in the Official Certbot Repository.


pip install --upgrade certbot
pip install certbot-dns-acmedns


$ certbot plugins --text

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
* certbot-dns-acmedns:dns-acmedns
Description: Obtain certificates using a DNS TXT record (if you are using
Interfaces: IAuthenticator, IPlugin
Entry point: dns-acmedns = certbot_dns_acmedns.dns_acmedns:Authenticator



The (certbot) credentials file e.g. acmedns-credentials.ini should look like this:

# cat acmedns-credentials.ini
certbot_dns_acmedns:dns_acmedns_api_url = http://acmedns-server/
certbot_dns_acmedns:dns_acmedns_registration_file = /etc/certbot/acme-registration.json

This plugin does not do ACME-DNS registration and you are responsible to make sure /etc/certbot/acme-registration.json (in the example above) contains the registration data in the following format:

# cat /etc/certbot/acme-registration.json
  "": {
    "username": "6e14735c-2c6a-447e-b63d-a23ac4438bd7",
    "password": "dd6gnYS-IxrQfDLbdPRX3hrFhS_SLrwbS0kSl_i8",
    "fulldomain": "",
    "subdomain": "3b750a0e-c627-423f-9966-4799c6a9533b",
    "allowfrom": []

This format is the same as the one used in some other tools, e.g. cert-manager ACME-DNS plugin


certbot ... \
        --authenticator certbot-dns-acmedns:dns-acmedns  \
        --certbot-dns-acmedns:dns-acmedns-credentials /etc/certbot/acmedns-credentials.ini \


Why such long name for a plugin?

This follows the upstream nomenclature: certbot-dns-<dns-provider>.

Why do I have to use : separator in the name? And why are the configuration file parameters so weird?

This is a limitation of the Certbot interface towards third-party plugins.

For details read the discussions:


Create a virtualenv, install the plugin (editable mode), spawn the environment and run the test:

Prepare the support environment:

docker-compose up -d

You can also omit -d if you wish to see backend server logs side-by-side with the client.

Run certbot client

docker build -t certbot_acmedns_client -f test/Dockerfile test/
docker run -it --rm --network certbot-dns-acmedns_default --dns "" -v $PWD:/certbot-dns-acmedns certbot_acmedns_client sh -c 'pip3 install -e /certbot-dns-acmedns && /certbot-dns-acmedns/test/'


Copyright (c) 2020 DT Pan-Net s.r.o

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

certbot-dns-acmedns-0.1.0.tar.gz (6.8 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page