Skip to content
This repository has been archived by the owner on Feb 28, 2023. It is now read-only.

Certbot plugin enabling dns-01 challenge on the Hetzner DNS API

License

Notifications You must be signed in to change notification settings

BigMichi1/certbot-dns-hetzner

 
 

Repository files navigation

Hetzner DNS Authenticator certbot plugin

codecov Tests, Coverage PyPI version Supported Python

Get it from the Snap Store

This certbot plugin automates the process of completing a dns-01 challenge by creating, and subsequently removing, TXT records using the Hetzner DNS API.

Install

Install this package via snap after certbot has been installed via snap

snap install certbot-dns-hetzner
snap connect certbot:plugin certbot-dns-hetzner
snap connect certbot-dns-hetzner:certbot-metadata certbot:certbot-metadata

to verify that the installation was successfull execute the certbot plugins, which should list the plugin

* dns-hetzner
Description: Obtain certificates using a DNS TXT record (if you are using
Hetzner for DNS).
Interfaces: IAuthenticator, IPlugin
Entry point: dns-hetzner = certbot_dns_hetzner.dns_hetzner:Authenticator

when the plugin is not listed, you should check that snap connections has the following entries

Interface            Plug                                  Slot                         Notes
content[metadata-1]  certbot-dns-hetzner:certbot-metadata  certbot:certbot-metadata     manual
content[certbot-1]   certbot:plugin                        certbot-dns-hetzner:certbot  manual

Usage

To start using DNS authentication for the Hetzner DNS API, pass the following arguments on certbot's command line:

Option Description
--authenticator dns-hetzner select the authenticator plugin (Required)
--dns-hetzner-credentials Hetzner DNS API credentials INI file. (Required)
--dns-hetzner-propagation-seconds Seconds to wait for the TXT record to propagate

Credentials

From the hetzner DNS control panel at https://dns.hetzner.com go to "API Tokens" and add a personal access token.

An example credentials.ini file:

dns_hetzner_api_token = nohnah4zoo9Kiejee9aGh0thoopee2sa

Examples

To acquire a certificate for example.com

certbot certonly \\
 --authenticator dns-hetzner \\
 --dns-hetzner-credentials /path/to/my/hetzner.ini \\
 -d example.com

To acquire a certificate for *.example.com

   certbot certonly \\
     --authenticator dns-hetzner \\
     --dns-hetzner-credentials /path/to/my/hetzner.ini \\
     -d '*.example.com'

Thanks to

Of course certbot, which examples and documentation I used to implement this plugin. And to https://github.com/m42e/certbot-dns-ispconfig which served as an excellent example and README template as well.

About

Certbot plugin enabling dns-01 challenge on the Hetzner DNS API

Resources

License

Stars

Watchers

Forks

Languages

  • Python 96.2%
  • Shell 3.8%