Feature #16279

closed

Support for custom DNS API

Added by Bert Smith 3 months ago. Updated 3 months ago.

Status: Rejected
Priority: Normal
Assignee: -
Category: ACME
Target version: -
Start date:
Due date:
% Done: 0%
Estimated time:
Plus Target Version:

Description

As in the subject, support specifying a custom DNS API similar to the dyndns system.

For example:
https://dns.myprovider/dyndns?authtoken=xxx&name=myfirewall.mydomain.com&content=%CHALLENGE%

Actions #1

Updated by Jim Pingle 3 months ago

  • Status changed from New to Rejected

There are way too many variable factors involved for that to be viable. If the upstream ACME project adds something like that, perhaps, but there aren't any providers which could end up that simple. You have to write a custom script to handle the record addition, removal, and so on.

Actions #2

Updated by Bert Smith 3 months ago

With certbot there is an option: --manual-auth-hook /usr/local/bin/certbot-auth-hook.sh
Does acme.sh have a similar option, and if so can it be supported?
If not, I will submit a feature request with acme.sh and see where it goes...

Otherwise it's difficult for those of us not using any of the existing major DNS providers.

Actions #3

Updated by Bert Smith 3 months ago

It can be just as simple as dyndns, as it's basically the same thing.

ACME when doing a DNS challenge uses a static name for a TXT record _acme-challenge.yourdomain.. The authentication script just needs to change the value of that record to the one given by LE.
Several dyndns systems already work like this, you have an existing record and you're specifying a new value for it - doesn't matter what the type of the record is, and it doesn't care if the contents are an IP or an arbitrary string.
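
The hook approach discussed in this thread, as an added example that is not part of the original posts and not code from certbot or acme.sh: a `--manual-auth-hook` script that validates the challenge data before placing it in a dyndns-style update URL. The endpoint `dns.example.invalid`, the `DNS_API_BASE` and `DNS_API_TOKEN` variables, the query parameter names (modelled on the URL in the request) and the function names are assumptions.

```shell
#!/bin/sh
# Added example: certbot --manual-auth-hook for a dyndns-style DNS API.
# certbot sets CERTBOT_DOMAIN and CERTBOT_VALIDATION for manual hooks.
# Assumptions: DNS_API_BASE, DNS_API_TOKEN and the name/content/authtoken
# query parameters are modelled on the URL in the request, not a real API.
LC_ALL=C; export LC_ALL

# TXT record name for a DNS-01 challenge; "*.example.com" and "example.com"
# share one record. Anything outside hostname characters is rejected so the
# value cannot inject extra query parameters.
challenge_record() {
    domain=${1#\*.}
    case $domain in
        ''|*[!A-Za-z0-9.-]*) return 1 ;;
    esac
    printf '_acme-challenge.%s\n' "$domain"
}

# The TXT value is an unpadded base64url SHA-256 digest: exactly 43
# characters from [A-Za-z0-9_-].
valid_challenge() {
    [ "${#1}" -eq 43 ] || return 1
    case $1 in
        *[!A-Za-z0-9_-]*) return 1 ;;
    esac
}

# Build the update URL without the token, so it is safe to log.
build_update_url() {
    name=$(challenge_record "$1") || return 1
    valid_challenge "$2" || return 1
    printf '%s?name=%s&content=%s\n' \
        "${DNS_API_BASE:-https://dns.example.invalid/dyndns}" "$name" "$2"
}

# Runs only when invoked by certbot (CERTBOT_DOMAIN set).
if [ -n "${CERTBOT_DOMAIN:-}" ]; then
    url=$(build_update_url "$CERTBOT_DOMAIN" "${CERTBOT_VALIDATION:-}") || {
        echo "refusing to send malformed challenge data" >&2
        exit 1
    }
    # Pass the URL through curl's stdin config so the token stays out of
    # the process list. Assumes the token contains only URL-safe characters.
    printf 'url = "%s&authtoken=%s"\n' "$url" \
        "${DNS_API_TOKEN:?set DNS_API_TOKEN}" |
        curl --silent --show-error --fail --config -
fi
```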
