github
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh
1
0
Fork 0
Code Issues Releases Wiki Activity

Updated dnsapi (markdown)

master
Sergey Ponomarev 2023-08-15 11:52:44 +03:00
parent d66d1efa5a
commit 7cb8c126c6
1 changed files with 160 additions and 145 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

305
dnsapi.md

@ -158,8 +158,7 @@ https://github.com/acmesh-official/acme.sh/wiki/DNS-alias-mode
<a name="dns_cf" />
<a name="dns_cf" />
## 1. CloudFlare Option:
@ -177,9 +176,11 @@ export CF_Email="<youremail@example.com>"
export CF_Token="<token>"
export CF_Account_ID="<id>"
```
In order to use the new token, the token currently needs access read access to Zone.Zone, and write access to Zone.DNS, across all Zones. See [Issue #2398](https://github.com/Neilpang/acme.sh/issues/2398) for more info.
In order to use the new token, the token currently needs access read access to Zone.Zone, and write access to Zone.DNS, across all Zones.
See [Issue #2398](https://github.com/acmesh-official/acme.sh/issues/2398) for more info.
Alternatively, if the certificate only covers a single zone, you can restrict the API Token only for write access to Zone.DNS for a single domain, and then specify the `CF_Zone_ID` directly:
Alternatively, if the certificate only covers a single zone, you can restrict the API Token only for write access
to Zone.DNS for a single domain, and then specify the `CF_Zone_ID` directly:
```sh
export CF_Token="<token>"
@ -195,7 +196,7 @@ Ok, let's issue a cert now:
The `CF_Key` and `CF_Email` or `CF_Token`and `CF_Account_ID`will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_dp" />
<a name="dns_dp" />
## 2. DNSPod.cn Option:
@ -219,7 +220,7 @@ The `DP_Id` and `DP_Key` will be saved in `~/.acme.sh/account.conf` and will be
~~Removed~~
<a name="dns_gd" />
<a name="dns_gd" />
## 4. Use GoDaddy.com domain API to automatically issue cert
@ -242,7 +243,7 @@ Ok, let's issue a cert now:
The `GD_Key` and `GD_Secret` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_pdns" />
<a name="dns_pdns" />
## 5. Use PowerDNS embedded API to automatically issue cert
@ -265,14 +266,14 @@ Ok, let's issue a cert now:
The `PDNS_Url`, `PDNS_ServerId`, `PDNS_Token` and `PDNS_Ttl` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_ovh" />
<a name="dns_ovh" />
## 6. Use OVH, Kimsufi, So you Start API to automatically issue cert
https://github.com/Neilpang/acme.sh/wiki/How-to-use-OVH-domain-api
See [How to use OVH domain API](https://github.com/acmesh-official/acme.sh/wiki/How-to-use-OVH-domain-api)
<a name="dns_nsupdate" />
<a name="dns_nsupdate" />
## 7. Use nsupdate to automatically issue cert
@ -341,7 +342,7 @@ Ok, let's issue a cert now:
The `NSUPDATE_SERVER`, `NSUPDATE_KEY`, and `NSUPDATE_ZONE` settings will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_lua" />
<a name="dns_lua" />
## 8. Use LuaDNS domain API
@ -360,7 +361,7 @@ To issue a cert:
The `LUA_Key` and `LUA_Email` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_me" />
<a name="dns_me" />
## 9. Use DNSMadeEasy domain API
@ -379,11 +380,11 @@ To issue a cert:
The `ME_Key` and `ME_Secret` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_aws" />
<a name="dns_aws" />
## 10. Use Amazon Route53 domain API
https://github.com/Neilpang/acme.sh/wiki/How-to-use-Amazon-Route53-API
See [How to use Amazon Route53 API](https://github.com/acmesh-official/acme.sh/wiki/How-to-use-Amazon-Route53-API)
```sh
export AWS_ACCESS_KEY_ID="<key id>"
@ -404,7 +405,7 @@ export AWS_DNS_SLOWRATE=1 (sleep between API requests in seconds)
The `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY` and `AWS_DNS_SLOWRATE` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. The `AWS_DNS_SLOWRATE` will enable the sleep between API requests to AWS servers. It will help to mitigate the AWS rate limit
<a name="dns_ali" />
<a name="dns_ali" />
## 11. Use Aliyun domain API to automatically issue cert
@ -424,7 +425,7 @@ Ok, let's issue a cert now:
The `Ali_Key` and `Ali_Secret` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_ispconfig" />
<a name="dns_ispconfig" />
## 12. Use ISPConfig 3.1 API
@ -449,7 +450,7 @@ To issue a cert:
The `ISPC_User`, `ISPC_Password`, `ISPC_Api`and `ISPC_Api_Insecure` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_ad" />
<a name="dns_ad" />
## 13. Use Alwaysdata domain API
@ -465,11 +466,10 @@ Ok, let's issue a cert now:
./acme.sh --issue --dns dns_ad -d example.com -d www.example.com
```
The `AD_API_KEY` will be saved in `~/.acme.sh/account.conf` and will be reused
when needed.
The `AD_API_KEY` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_linode_v4" />
<a name="dns_linode_v4" />
## 14. Use Linode domain API
@ -497,11 +497,10 @@ Ok, let's issue a cert now:
./acme.sh --issue --dns dns_linode_v4 --dnssleep 900 -d example.com -d www.example.com
```
The `LINODE_V4_API_KEY` will be saved in `~/.acme.sh/account.conf` and will be
reused when needed.
The `LINODE_V4_API_KEY` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_freedns" />
<a name="dns_freedns" />
## 15. Use FreeDNS
@ -530,11 +529,10 @@ Note that you cannot use acme.sh automatic DNS validation for FreeDNS public dom
you create under a FreeDNS public domain. You must own the top level domain in order to automatically
validate with acme.sh at FreeDNS.
If you have any issues with FreeDNS API please report them here...
https://github.com/Neilpang/acme.sh/issues/2305
Report any bugs or issues [here](https://github.com/acmesh-official/acme.sh/issues/2305)
<a name="dns_cyon" />
<a name="dns_cyon" />
## 16. Use cyon.ch
@ -560,7 +558,7 @@ The `CY_Username`, `CY_Password` and `CY_OTP_Secret` will be saved in `~/.acme.s
~~Removed~~
<a name="dns_gandi_livedns" />
<a name="dns_gandi_livedns" />
## 18. Use Gandi LiveDNS API
@ -576,7 +574,7 @@ Ok, let's issue a cert now:
```
<a name="dns_knot" />
<a name="dns_knot" />
## 19. Use Knot (knsupdate) DNS API to automatically issue cert
@ -594,7 +592,8 @@ include: /etc/knot/acme.key
Next, configure your zone to allow dynamic updates.
Dynamic updates for the zone are allowed via proper ACL rule with the `update` action. For in-depth instructions, please see [Knot DNS's documentation](https://www.knot-dns.cz/documentation/).
Dynamic updates for the zone are allowed via proper ACL rule with the `update` action.
For in-depth instructions, please see [Knot DNS's documentation](https://www.knot-dns.cz/documentation/).
```sh
acl:
@ -630,7 +629,7 @@ Ok, let's issue a cert now:
The `KNOT_SERVER` and `KNOT_KEY` and `KNOT_ZONE` settings will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_dgon" />
<a name="dns_dgon" />
## 20. Use DigitalOcean API (native)
@ -646,11 +645,12 @@ Ok, let's issue a cert now:
```
<a name="dns_cloudns" />
<a name="dns_cloudns" />
## 21. Use ClouDNS.net API
You need to set the HTTP API user ID and password credentials. See: https://www.cloudns.net/wiki/article/42/. For security reasons, it's recommended to use a sub user ID that only has access to the necessary zones, as a regular API user has access to your entire account.
You need to set the HTTP API user ID and password credentials. See: https://www.cloudns.net/wiki/article/42/.
For security reasons, it's recommended to use a sub user ID that only has access to the necessary zones, as a regular API user has access to your entire account.
```sh
# Use this for a sub auth ID
@ -667,7 +667,7 @@ Ok, let's issue a cert now:
The `CLOUDNS_AUTH_ID` and `CLOUDNS_AUTH_PASSWORD` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_infoblox" />
<a name="dns_infoblox" />
## 22. Use Infoblox API
@ -687,7 +687,7 @@ Note: This script will automatically create and delete the ephemeral txt record.
The `Infoblox_Creds` and `Infoblox_Server` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_vscale" />
<a name="dns_vscale" />
## 23. Use VSCALE API
@ -703,7 +703,7 @@ Ok, let's issue a cert now:
```
<a name="dns_dynu" />
<a name="dns_dynu" />
## 24. Use Dynu API
@ -722,7 +722,7 @@ Ok, let's issue a cert now:
The `Dynu_ClientId` and `Dynu_Secret` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_dnsimple" />
<a name="dns_dnsimple" />
## 25. Use DNSimple API
@ -744,14 +744,12 @@ To issue the cert just specify the `dns_dnsimple` API.
./acme.sh --issue --dns dns_dnsimple -d example.com
```
The `DNSimple_OAUTH_TOKEN` will be saved in `~/.acme.sh/account.conf` and will
be reused when needed.
The `DNSimple_OAUTH_TOKEN` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
If you have any issues with this integration please report them to
https://github.com/pho3nixf1re/acme.sh/issues.
Report any bugs or issues [here](https://github.com/pho3nixf1re/acme.sh/issues)
<a name="dns_nsone" />
<a name="dns_nsone" />
## 26. Use NS1.com API
@ -765,7 +763,7 @@ Ok, let's issue a cert now:
```
<a name="dns_duckdns" />
<a name="dns_duckdns" />
## 27. Use DuckDNS.org API
@ -780,7 +778,7 @@ acme.sh --insecure --issue --dns dns_duckdns -d mydomain.duckdns.org
```
<a name="dns_namecom" />
<a name="dns_namecom" />
## 28. Use Name.com API
@ -800,10 +798,10 @@ And now you can issue certs with:
```
If you had Two-step Authentication enabled, make sure to change your security setting, read this guide for help: [Using API with Two-step Authentication](https://www.name.com/support/articles/360007989433-Using-API-with-Two-step-Authentication)
For issues, please report to https://github.com/raidenii/acme.sh/issues.
Report any bugs or issues [here](https://github.com/raidenii/acme.sh/issues)
<a name="dns_dyn" />
<a name="dns_dyn" />
## 29. Use Dyn Managed DNS API to automatically issue cert
@ -838,7 +836,7 @@ Ok, let's issue a cert now:
The `DYN_Customer`, `DYN_Username` and `DYN_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_yandex" />
<a name="dns_yandex" />
## 30. Use pdd.yandex.ru API
@ -853,10 +851,10 @@ Follow these instructions to get the token for your domain https://tech.yandex.c
Sometimes cloudflare / google doesn't pick new dns records fast enough. You can add `--dnssleep XXX` to params as workaround.
For issues, please report to https://github.com/non7top/acme.sh/issues.
Report any bugs or issues [here](https://github.com/non7top/acme.sh/issues)
<a name="dns_he" />
<a name="dns_he" />
## 31. Use Hurricane Electric
@ -875,27 +873,14 @@ Then you can issue your certificate:
The `HE_Username` and `HE_Password` settings will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
Please report any issues to https://github.com/angel333/acme.sh or to <me@ondrejsimek.com>.
Report any bugs or issues [here](https://github.com/angel333/acme.sh) or to <me@ondrejsimek.com>.
## 32. Use UnoEuro API to automatically issue cert
**UPD** The UnoEuro is now Simple.com
First you need to login to your UnoEuro account to get your API key.
```sh
export UNO_Key="<key>"
export UNO_User="UExxxxxx"
```
Ok, let's issue a cert now:
```sh
./acme.sh --issue --dns dns_unoeuro -d example.com -d www.example.com
```
The `UNO_Key` and `UNO_User` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
**UPD** The UnoEuro is now [Simply.com](https://github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_simply)
<a name="dns_inwx" />
<a name="dns_inwx" />
## 33. Use INWX
@ -922,6 +907,9 @@ export INWX_Shared_Secret="<shared secret>"
You may need to re-enable the mobile tan to gain the shared secret.
<a name="dns_servercow" />
## 34. User Servercow API v1
Create a new user from the Servercow control center. Don't forget to activate **DNS API** for this user.
@ -939,7 +927,7 @@ Now you cann issue a cert:
Both, `SERVERCOW_API_Username` and `SERVERCOW_API_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_namesilo" />
<a name="dns_namesilo" />
## 35. Use Namesilo.com API
@ -956,7 +944,7 @@ And now you can issue certs with:
./acme.sh --issue --dns dns_namesilo --dnssleep 900 -d example.com -d www.example.com
```
<a name="dns_autodns" />
<a name="dns_autodns" />
## 36. Use autoDNS (InternetX)
@ -977,11 +965,11 @@ Then you can issue your certificates with:
The `AUTODNS_USER`, `AUTODNS_PASSWORD` and `AUTODNS_CONTEXT` settings will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_azure" />
<a name="dns_azure" />
## 37. Use Azure DNS
You have to create a service principal first. See:[How to use Azure DNS](https://github.com/acmesh-official/acme.sh/wiki/How-to-use-Azure-DNS)
You have to create a service principal first. See: [How to use Azure DNS](https://github.com/acmesh-official/acme.sh/wiki/How-to-use-Azure-DNS)
```sh
export AZUREDNS_SUBSCRIPTIONID="<SUBSCRIPTIONID>"
@ -1011,7 +999,7 @@ Issuing certificates using managed identity clears previously set settings: `AZU
`AZUREDNS_SUBSCRIPTIONID` and `AZUREDNS_MANAGEDIDENTITY` will be saved in ~/.acme.sh/account.conf for future use.
<a name="dns_selectel" />
<a name="dns_selectel" />
## 38. Use selectel.com(selectel.ru) domain API to automatically issue cert
@ -1019,7 +1007,6 @@ First you need to login to your account to get your API key from: https://my.sel
```sh
export SL_Key="<key>"
```
Ok, let's issue a cert now:
@ -1030,7 +1017,7 @@ Ok, let's issue a cert now:
The `SL_Key` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_zonomi" />
<a name="dns_zonomi" />
## 39. Use zonomi.com domain API to automatically issue cert
@ -1055,28 +1042,26 @@ Ok, let's issue a cert now:
The `ZM_Key` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_dreamhost" />
<a name="dns_dreamhost" />
## 40. Use DreamHost DNS API
DNS API keys may be created at https://panel.dreamhost.com/?tree=home.api.
Ensure the created key has add and remove privelages.
Ensure the created key has `add` and `remove` privileges.
```sh
export DH_API_KEY="<api key>"
./acme.sh --issue --dns dns_dreamhost -d example.com -d www.example.com
```
The 'DH_API_KEY' will be saved in `~/.acme.sh/account.conf` and will
be reused when needed.
The `DH_API_KEY` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_da" />
<a name="dns_da" />
## 41. Use DirectAdmin API
The DirectAdmin interface has its own Let's encrypt functionality, but this
script can be used to generate certificates for names which are not hosted on
DirectAdmin
script can be used to generate certificates for names which are not hosted on DirectAdmin.
User must provide login data and URL to the DirectAdmin incl. port.
You can create a user which only has access to
@ -1101,7 +1086,7 @@ Ok, let's issue a cert now:
The `DA_Api` and `DA_Api_Insecure` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_zilore" />
<a name="dns_zilore" />
## 42. Use KingHost DNS API
@ -1116,7 +1101,7 @@ export KINGHOST_Password="yourpassword"
The `KINGHOST_username` and `KINGHOST_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_zilore" />
<a name="dns_zilore" />
## 43. Use Zilore DNS API
@ -1133,7 +1118,8 @@ Ok, let's issue a cert now:
The `Zilore_Key` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_loopia" />
<a name="dns_loopia" />
## 44. Use Loopia API
@ -1169,11 +1155,10 @@ And to issue a cert run:
./acme.sh --issue --dns dns_loopia -d example.com -d *.example.com
```
The exported variables will be saved in `~/.acme.sh/account.conf` and
will be reused when needed.
The exported variables will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_acmedns" />
<a name="dns_acmedns" />
## 45. Use ACME DNS API
@ -1193,8 +1178,11 @@ https://github.com/joohoi/acme-dns
./acme.sh --issue --dns dns_acmedns -d example.com -d www.example.com
```
The credentials will be saved in `~/.acme.sh/account.conf` and will
be reused when needed.
The credentials will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_tele3" />
## 46. Use TELE3 API
First you need to login to your TELE3 account to set your API-KEY.
@ -1207,17 +1195,17 @@ export TELE3_Secret="<secret>"
./acme.sh --issue --dns dns_tele3 -d example.com -d *.example.com
```
The TELE3_Key and TELE3_Secret will be saved in ~/.acme.sh/account.conf and will be reused when needed.
The TELE3_Key and TELE3_Secret will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_euserv" />
<a name="dns_euserv" />
## 47. Use Euserv.eu API
First you need to login to your euserv.eu account and activate your API Administration (API Verwaltung).
[https://support.euserv.com](https://support.euserv.com)
Once you've activate, login to your API Admin Interface and create an API account.
Once you've activated, login to your API Admin Interface and create an API account.
Please specify the scope (active groups: domain) and assign the allowed IPs.
```sh
@ -1232,10 +1220,10 @@ Ok, let's issue a cert now: (Be aware to use the `--insecure` flag, cause euserv
The `EUSERV_Username` and `EUSERV_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
Please report any issues to https://github.com/initit/acme.sh or to <github@initit.de>
Report any bugs or issues [here](https://github.com/initit/acme.sh) or to <github@initit.de>
<a name="dns_gcloud" />
<a name="dns_dpi" />
## 48. Use DNSPod.com domain API to automatically issue cert
@ -1253,6 +1241,9 @@ Ok, let's issue a cert now:
The `DPI_Id` and `DPI_Key` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_gcloud" />
## 49. Use Google Cloud DNS API to automatically issue cert
First you need to authenticate to gcloud.
@ -1272,10 +1263,10 @@ export CLOUDSDK_ACTIVE_CONFIG_NAME=default # see the note above
./acme.sh --issue --dns dns_gcloud -d example.com -d '*.example.com'
```
`dns_gcloud` also supports [DNS alias mode](https://github.com/Neilpang/acme.sh/wiki/DNS-alias-mode).
`dns_gcloud` also supports [DNS alias mode](https://github.com/acmesh-official/acme.sh/wiki/DNS-alias-mode).
<a name="dns_netcup" />
<a name="dns_conoha" />
## 50. Use ConoHa API
@ -1295,6 +1286,9 @@ To issue a cert:
The `CONOHA_Username`, `CONOHA_Password`, `CONOHA_TenantId` and `CONOHA_IdentityServiceApi` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_netcup" />
## 51. Use netcup DNS API to automatically issue cert
First you need to login in your CCP account to get your API Key and API Password.
@ -1311,19 +1305,20 @@ Now, let's issue a cert:
The `NC_Apikey`,`NC_Apipw` and `NC_CID` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
## 52. Use GratisDNS.dk
Removed
https://github.com/acmesh-official/acme.sh/pull/4049
[Removed](https://github.com/acmesh-official/acme.sh/pull/4049)
<a name="dns_namecheap" />
<a name="dns_namecheap" />
## 53. Use Namecheap
You will need your namecheap username, API KEY (https://www.namecheap.com/support/api/intro.aspx) and your external IP address (or a URL to get it), this IP will need to be whitelisted at Namecheap.
Due to Namecheap's API limitation all the records of your domain will be read and re applied, make sure to have a backup of your records you could apply if any issue would arise.
You will need your namecheap username, API KEY (https://www.namecheap.com/support/api/intro.aspx) and your
external IP address (or a URL to get it), this IP will need to be whitelisted at Namecheap.
Due to Namecheap's API limitation all the records of your domain will be read and re applied,
make sure to have a backup of your records you could apply if any issue would arise.
```sh
export NAMECHEAP_USERNAME="..."
@ -1331,7 +1326,7 @@ export NAMECHEAP_API_KEY="..."
export NAMECHEAP_SOURCEIP="..."
```
NAMECHEAP_SOURCEIP can either be an IP address or a URL to provide it (e.g. https://ifconfig.co/ip).
The `NAMECHEAP_SOURCEIP` can either be an IP address or a URL to provide it (e.g. https://ifconfig.co/ip).
The username and password will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
@ -1341,10 +1336,10 @@ Now you can issue a certificate.
./acme.sh --issue --dns dns_namecheap -d example.com -d *.example.com
```
If you find any bugs of namecheap dns API, please report here: https://github.com/Neilpang/acme.sh/issues/2107
Report any bugs or issues [here](https://github.com/acmesh-official/acme.sh/issues/2107)
<a name="dns_mydnsjp" />
<a name="dns_mydnsjp" />
## 54. Use MyDNS.JP API
@ -1363,7 +1358,7 @@ To issue a certificate:
The `MYDNSJP_MasterID` and `MYDNSJP_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_hostingde" />
<a name="dns_hostingde" />
## 55. Use hosting.de API
@ -1390,7 +1385,7 @@ Ok, let's issue a cert now:
The hosting.de API key and endpoint will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_neodigit" />
<a name="dns_neodigit" />
## 56. Use Neodigit.net API
@ -1406,7 +1401,7 @@ Ok, let's issue a cert now:
Neodigit API Token will be saved in `~/.acme.sh/account.conf` and will be used when needed.
<a name="dns_exoscale" />
<a name="dns_exoscale" />
## 57. Use Exoscale API
@ -1427,7 +1422,7 @@ Now, let's issue a cert:
The `EXOSCALE_API_KEY` and `EXOSCALE_SECRET_KEY` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_pointhq" />
<a name="dns_pointhq" />
## 58. Using PointHQ API to issue certs
@ -1444,7 +1439,7 @@ You can then issue certs by using:
```
<a name="dns_active24" />
<a name="dns_active24" />
## 59. Use Active24 API
@ -1464,7 +1459,7 @@ Now, let's issue a cert, set `dnssleep` for propagation new DNS record:
The `ACTIVE24_Token` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_doapi" />
<a name="dns_doapi" />
## 60. Use do.de API
@ -1483,7 +1478,7 @@ To issue a certificate run:
The API token will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_nw" />
<a name="dns_nw" />
## 61. Use Nexcess API
@ -1504,10 +1499,10 @@ Finally, we'll issue the certificate: (Nexcess DNS publishes at max every 15 min
The `NW_API_TOKEN` and `NW_API_ENDPOINT` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
If you find any bugs of Nexcess dns API, please report here: https://github.com/Neilpang/acme.sh/issues/2088
Report any bugs or issues [here](https://github.com/acmesh-official/acme.sh/issues/2088)
<a name="dns_nw" />
<a name="dns_nw" />
## 62. Use Thermo.io API
@ -1529,7 +1524,7 @@ Finally, we'll issue the certificate: (Thermo DNS publishes at max every 15 minu
The `NW_API_TOKEN` and `NW_API_ENDPOINT` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_nw" />
<a name="dns_nw" />
## 63. Use Futurehosting API
@ -1550,6 +1545,9 @@ Finally, we'll issue the certificate: (Futurehosting DNS publishes at max every
The `NW_API_TOKEN` and `NW_API_ENDPOINT` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_rackspace" />
## 64. Use Rackspace API
Set username and API key, which is available under "My Profile & Settings"
@ -1565,14 +1563,14 @@ Now, let's issue a cert:
./acme.sh --issue --dns dns_rackspace -d example.com -d www.example.com
```
If you find any bugs of Rackspace dns API, please report here: https://github.com/Neilpang/acme.sh/issues/2091
Report any bugs or issues [here](https://github.com/acmesh-official/acme.sh/issues/2091)
<a name="dns_online" />
<a name="dns_online" />
## 65. Use Online API
First, you'll need to retrive your API key, which is available under https://console.online.net/en/api/access
First, you'll need to retrieve your online.net API key, which is available under https://console.online.net/en/api/access
```sh
export ONLINE_API_KEY='<key>'
@ -1586,10 +1584,10 @@ To issue a cert run:
`ONLINE_API_KEY` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
If you find any bugs of online.net dns API, please report here: https://github.com/Neilpang/acme.sh/issues/2093
Report any bugs or issues [here](https://github.com/acmesh-official/acme.sh/issues/2093)
<a name="dns_mydevil" />
<a name="dns_mydevil" />
## 66. Use MyDevil.net
@ -1599,9 +1597,11 @@ Make sure that you can execute own binaries:
devil binexec on
```
Install acme.sh, or simply `git clone` it into some directory on your MyDevil host account (in which case you should link to it from your `~/bin` directory).
Install acme.sh, or simply `git clone` it into some directory on your MyDevil host account
(in which case you should link to it from your `~/bin` directory).
If you're not using private IP and depend on default IP provided by host, you may want to edit `crontab` too, and make sure that `acme.sh --cron` is run also after reboot (you can find out how to do that on their wiki pages).
If you're not using private IP and depend on default IP provided by host, you may want to edit `crontab` too,
and make sure that `acme.sh --cron` is run also after reboot (you can find out how to do that on their wiki pages).
To issue a new certificate, run:
@ -1609,14 +1609,14 @@ To issue a new certificate, run:
./acme.sh --issue --dns dns_mydevil -d example.com -d *.example.com
```
After certificate is ready, you can install it with [deploy command](https://github.com/Neilpang/acme.sh/wiki/deployhooks#14-deploy-your-cert-on-mydevilnet).
After certificate is ready, you can install it with [deploy command](https://github.com/acmesh-official/acme.sh/wiki/deployhooks#14-deploy-your-cert-on-mydevilnet).
<a name="dns_cn" />
<a name="dns_cn" />
## 67. Use Core-Networks API to automatically issue cert
First you need to login to your Core-Networks account to set up an API-User.
First you need to login to your Core-Networks.de account to set up an API-User.
Then export username and password to use these credentials.
```sh
@ -1631,7 +1631,10 @@ Ok, let's issue a cert now:
The `CN_User` and `CN_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
If you find any bugs of core-networks.de dns API, please report here: https://github.com/Neilpang/acme.sh/issues/2142
Report any bugs or issues [here](https://github.com/acmesh-official/acme.sh/issues/2142)
<a name="dns_nederhost" />
## 68. Use NederHost API
@ -1647,11 +1650,14 @@ To issue a certificate run:
./acme.sh --issue --dns dns_nederhost -d example.com -d *.example.com
```
If you find any bugs of NederHost dns API, please report here: https://github.com/Neilpang/acme.sh/issues/2089
Report any bugs or issues [here](https://github.com/acmesh-official/acme.sh/issues/2089)
<a name="dns_zone" />
## 69. Use Zone.ee DNS API
First, you'll need to retrive your API key. Estonian insructions https://help.zone.eu/kb/zoneid-api-v2/
First, you'll need to retrieve your API key. Estonian instructions https://help.zone.eu/kb/zoneid-api-v2/
```sh
export ZONE_Username=yourusername
@ -1667,10 +1673,10 @@ To issue a cert run:
`ZONE_Username` and `ZONE_Key` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
If you find any bugs of zone.eu (zone.ee) dns API, please report here: https://github.com/Neilpang/acme.sh/issues/2146
Report any bugs or issues [here](https://github.com/acmesh-official/acme.sh/issues/2146)
<a name="dns_ultra" />
<a name="dns_ultra" />
## 70. Use UltraDNS API
@ -1693,15 +1699,18 @@ To issue a cert run:
./acme.sh --issue --dns dns_ultra -d example.com -d www.example.com
```
`ULTRA_USR` and `ULTRA_PWD` will be saved in `~/.acme.sh/account.conf` and will be resued when needed.
`ULTRA_USR` and `ULTRA_PWD` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_desec" />
<a name="dns_desec" />
## 71. Use deSEC.io
Sign up for dynDNS at https://desec.io first.
Sign up for deSEC.io dynDNS at https://desec.io first.
Set your API token (password) by generating one from your account on desec.io.
It's also a good idea to restrict the IPv4 / IPv6 address(es) it can be used from.
Set your API token (password) by generating one from your account on desec.io (it's also a good idea to restrict the IPv4 / IPv6 address(es) it can be used from).
```sh
export DEDYN_TOKEN="<token>"
```
@ -1710,10 +1719,10 @@ To issue a certificate run:
./acme.sh --issue --dns dns_desec -d foobar.dedyn.io -d *.foobar.dedyn.io
```
If you find any bugs of deSEC.io API, please report here: https://github.com/Neilpang/acme.sh/issues/2180
Report any bugs or issues [here](https://github.com/acmesh-official/acme.sh/issues/2180)
<a name="dns_openprovider" />
<a name="dns_openprovider" />
## 72. Use OpenProvider API
@ -1728,15 +1737,18 @@ export OPENPROVIDER_PASSWORDHASH="<hash>"
`OPENPROVIDER_USER` and `OPENPROVIDER_PASSWORDHASH` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
If you find any bugs of OpenProvider dns API, please report here: https://github.com/Neilpang/acme.sh/issues/2104
Report any bugs or issues [here](https://github.com/acmesh-official/acme.sh/issues/2104)
<a name="dns_maradns" />
<a name="dns_maradns" />
## 73. Use MaraDNS API
Make sure you've configured MaraDNS properly and setup a zone file for your domain. See [`csv2(5)`](https://manpages.debian.org/stretch/maradns/csv2.5.en.html).
Make sure you've configured MaraDNS properly and set up a zone file for your domain.
See [`csv2(5)`](https://manpages.debian.org/stretch/maradns/csv2.5.en.html).
Set the path to your zone file, and path to duende's pid file (see, [`duende(8)`](https://manpages.debian.org/stretch/duende/duende.8.en.html) or `ps -C duende o pid,cmd`).
Set the path to your zone file, and path to duende's pid file.
See, [`duende(8)`](https://manpages.debian.org/stretch/duende/duende.8.en.html) or `ps -C duende o pid,cmd`).
The pid file is used to ask duende to reload the configuration automatically after DNS records are added.
```sh
export MARA_ZONE_FILE="/etc/maradns/db.domain.com"
@ -1753,22 +1765,24 @@ Issuing a certificate:
`MARA_ZONE_FILE` and `MARA_DUENDE_PID_PATH` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
If you find any bugs of MaraDNS DNS API, please report here: https://github.com/Neilpang/acme.sh/issues/2072
Report any bugs or issues [here](https://github.com/acmesh-official/acme.sh/issues/2072)
<a name="dns_hetzner" />
<a name="dns_hetzner" />
## 74. Use Hetzner API
Get the API Token:
Use [dnsConsole](https://dns.hetzner.com/) to create your hetzner api token.
Issuing a certificate (using letsencrypt):
Issuing a certificate (using LetsEncrypt):
```sh
export HETZNER_Token="<token>"
./acme.sh --issue --dns dns_hetzner -d example.com -d www.example.com --server letsencrypt
```
<a name="dns_ddnss" />
<a name="dns_ddnss" />
## 75. Use DDNSS.de API
@ -1787,9 +1801,10 @@ After that you can issue a new certificate:
./acme.sh --issue --dns dns_ddnss -d example.com
```
If you find any bugs of ddnss.de API, please report here: https://github.com/Neilpang/acme.sh/issues/2230
Report any bugs or issues [here](https://github.com/acmesh-official/acme.sh/issues/2230)
<a name="dns_nsd" />
<a name="dns_nsd" />
## 76. Use NLnetLabs NSD
@ -1812,9 +1827,9 @@ To issue a new certificate, run:
./acme.sh --issue --dns dns_nsd -d example.com -d *.example.com
```
If you find any bugs of NLnetLabs NSD dns API, please report here: https://github.com/Neilpang/acme.sh/issues/2245
Report any bugs or issues [here](https://github.com/acmesh-official/acme.sh/issues/2245)
-----------------------------------
**[More APIs see here...](https://github.com/Neilpang/acme.sh/wiki/dnsapi2)**
**[More APIs see here...](https://github.com/acmesh-official/acme.sh/wiki/dnsapi2)**