Constellix DNS Authenticator plugin for Certbot
Project description
certbot-dns-constellix Documentation
The certbot-dns-constellix plugin is used to automate the process of a dns-01 challenge in Certbot to allow the requesting and renewal of SSL certificates through the Constellix DNS API.
This is done through the process of adding and removing TXT records to the appropriate domain in your Constellix DNS account.
There are two different methods of installing, configuring and using the plugin depending on if you're using certbot installed through snapd or through your operating system's package manager.
Certbot Installed using Snapd
If you installed certbot using snapd, do the following to install and configure the plugin:
Installation
Run the following commands to install the plugin with snapd.
sudo snap install certbot-dns-constellix
sudo snap set certbot trust-plugin-with-root=ok
sudo snap connect certbot:plugin certbot-dns-constellix
Verify that the plugin is installed by running certbot plugins. You should see the dns-constellix plugin in the list.
Configuration
The plugin requires an API key and secret key for the Constellix DNS API. The key will need to have permissions to add and remove records on the domain you want to issue certificates for.
These will need to be added to a file, eg. constellix.ini in the following format:
dns_constellix_apikey=5fb4e76f-ac91-43e5-f982458bc595
dns_constellix_secretkey=47d99fd0-32e7-4e07-85b46d08e70b
dns_constellix_endpoint=https://api.dns.constellix.com/v1
Caution
You should secure this file from any unauthorised access. Anyone with access to these credentials and this file will be able to add and remove records from your domain. You should configure the file to not be readable by any other users on the system
Usage
Once the plugin is installed and configured it can be used by specifying the plugin in the certbot command and the location of the credentials file.
certbot certonly \
--authenticator=dns-constellix \
--dns-constellix-credentials=~./constellix.ini \
-d example.com
For more options please check the certbot documentation.
Certbot Installed using OS Package Manager/Python
If you installed certbot using your operating system's package manager (apt, yum, etc.) or directly with Python, you can install it using these instructions.
Installation
Run the following commands to install the plugin using pip.
sudo python3 -m pip install certbot-dns-constellix
Verify that the plugin is installed by running certbot plugins. You should see the dns-constellix plugin in the list.
Configuration
The plugin requires an API key and secret key for the Constellix DNS API. The key will need to have permissions to add and remove records on the domain you want to issue certificates for.
These will need to be added to a file, eg. constellix.ini in the following format:
certbot-dns-constellix:dns_constellix_apikey=5fb4e76f-ac91-43e5-f982458bc595
certbot-dns-constellix:dns_constellix_secretkey=47d99fd0-32e7-4e07-85b46d08e70b
certbot-dns-constellix:dns_constellix_endpoint=https://api.dns.constellix.com/v1
The extra certbot-dns-constellix: is required due to how older versions of Certbot load plugins.
Caution
You should secure this file from any unauthorised access. Anyone with access to these credentials and this file will be able to add and remove records from your domain. You should configure the file to not be readable by any other users on the system
Usage
Once the plugin is installed and configured it can be used by specifying the plugin in the certbot command and the location of the credentials file.
certbot certonly \
--authenticator=certbot-dns-constellix:dns-constellix \
--certbot-dns-constellix:dns-constellix-credentials=~./constellix.ini \
-d example.com
The extra certbot-dns-constellix: is required due to how older versions of Certbot load plugins.
For more options please check the certbot documentation.
License
Copyright 2020 Constellix, a division of Tiggee LLC.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and limitations under the License.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for certbot-dns-constellix-0.2.2.tar.gz
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 28ab5c4a5362b92974098dbcb687651868f6ebd5924eade9e1abe7f24f1a3cc1 |
|
| MD5 | 9a9211ef19feae8ba4d3e90676d95eac |
|
| BLAKE2b-256 | 84e2284cd110a68d8c40884271c89ec6cc8bb222202b62632523878fc586a13e |
Hashes for certbot_dns_constellix-0.2.2-py2.py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 4d181c31ae46bd10afccde05a64ed746455d32e2d319404ce505e40eb74b41ff |
|
| MD5 | 292b9a33e9fb3c1c80e664329aede753 |
|
| BLAKE2b-256 | d6132adaccd81962b62a61bc233c52a96a608e16fa1ee0bf9ca6bf0430d16b35 |
