Certbot HTTP authenticator that works with any web server.
Project description
certbot-standalone-nfq
HTTP authenticator plugin for Certbot which is compatible with any web server! (Linux only and root
is required.)
How?
It works by asking the Linux kernel to temporarily divert incoming port 80 HTTP traffic into a queue. The Certbot plugin then picks out the Let's Encrypt validation requests from the queue and responds to them. All other traffic reaches its original destination, totally unchanged. This all happens very quickly and no traffic disruptions occur.
Why?
- Avoids messing about with any webserver configuration, meaning that it can work well with tricky webservers like Apache Tomcat.
- Avoids having a proxy in front of your normal webserver, which means all source addresses (and indeed every network packet) are totally preserved!
It is inspired by this community thread.
Installation
via snap
Using the certbot
snap is the easiest way to use this plugin. See here for instructions on installing Certbot via snap
.
sudo snap install certbot-standalone-nfq
sudo snap set certbot trust-plugin-with-root=ok
sudo snap connect certbot:plugin certbot-standalone-nfq
via pip
A source tarball is available.
How did you install Certbot? | How to install the plugin |
---|---|
From snap |
Don't use pip ! Use the snap instructions above. |
Using the official Certbot pip instructions |
sudo /opt/certbot/bin/pip install certbot-standalone-nfq |
From apt , yum , dnf or any other distro package manager. (Requires Certbot 1.25.0 or newer.) |
pip install certbot-standalone-nfq |
Usage
certbot-standalone-nfq
should just work without having to configure anything:
certbot certonly -a standalone-nfq \
-d "example.com" -d "www.example.com" \
--dry-run
If (for some reason, like port forwarding shenanigans) your web server is listening on
a port other than 80, you can use the --http-01-port
argument of Certbot to change
the port that the plugin will divert the traffic from.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file certbot-standalone-nfq-0.1.3.tar.gz
.
File metadata
- Download URL: certbot-standalone-nfq-0.1.3.tar.gz
- Upload date:
- Size: 14.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.0.0 CPython/3.12.2
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 73c88c0756c8f857af9f8ac9cc9f00c04f991c79d2a118f78d262d639c0823bb |
|
MD5 | 8d4f9f1200889f36e896d649acfd29b0 |
|
BLAKE2b-256 | 19f901057bfca6a64d1a1be93a88ce873d759f14adeab26b01781d28d417ebad |