certbot-dns-multi
DNS plugin for Certbot which integrates with the 117+ DNS providers from the lego ACME client.
At the last check, the supported providers are:
Akamai EdgeDNS, Alibaba Cloud DNS, all-inkl, Amazon Lightsail, Amazon Route 53, ArvanCloud, Aurora DNS, Autodns, Azure (deprecated), Azure DNS, Bindman, Bluecat, Brandit, Bunny, Checkdomain, Civo, Cloud.ru, CloudDNS, Cloudflare, ClouDNS, CloudXNS, ConoHa, Constellix, CPanel/WHM, Derak Cloud, deSEC.io, Designate DNSaaS for Openstack, Digital Ocean, DNS Made Easy, dnsHome.de, DNSimple, DNSPod (deprecated), Domain Offensive (do.de), Domeneshop, DreamHost, Duck DNS, Dyn, Dynu, EasyDNS, Efficient IP, Epik, Exoscale, External program, freemyip.com, G-Core, Gandi Live DNS (v5), Gandi, Glesys, Go Daddy, Google Cloud, Google Domains, Hetzner, Hosting.de, Hosttech, HTTP request, http.net, Hurricane Electric DNS, HyperOne, IBM Cloud (SoftLayer), IIJ DNS Platform Service, Infoblox, Infomaniak, Internet Initiative Japan, Internet.bs, INWX, Ionos, IPv64, iwantmyname, Joker, Joohoi's ACME-DNS, Liara, Linode (v4), Liquid Web, Loopia, LuaDNS, Mail-in-a-Box, Manual, Metaname, MyDNS.jp, MythicBeasts, Name.com, Namecheap, Namesilo, NearlyFreeSpeech.NET, Netcup, Netlify, Nicmanager, NIFCloud, Njalla, Nodion, NS1, Open Telekom Cloud, Oracle Cloud, OVH, plesk.com, Porkbun, PowerDNS, Rackspace, RcodeZero, reg.ru, RFC2136, RimuHosting, Sakura Cloud, Scaleway, Selectel, Servercow, Shellrent, Simply.com, Sonic, Stackpath, Tencent Cloud DNS, TransIP, UKFast SafeDNS, Ultradns, Variomedia, VegaDNS, Vercel, Versio.[nl/eu/uk], VinylDNS, VK Cloud, Vscale, Vultr, Webnames, Websupport, WEDOS, Yandex 360, Yandex Cloud, Yandex PDD, Zone.ee, Zonomi
Installation
via snap
Using the certbot snap is the easiest way to use this plugin. See here for instructions on installing Certbot via snap.
sudo snap install certbot-dns-multi
sudo snap set certbot trust-plugin-with-root=ok
sudo snap connect certbot:plugin certbot-dns-multivia pip
Compiled wheels are available for most x86_64/amd64 Linux distributions. On other platforms, pip will try to compile the plugin, which requires Go 1.19 or newer to be installed on your server.
| How did you install Certbot? | How to install the plugin |
|---|---|
From snap |
Don't use pip! Use the snap instructions above. |
Using the official Certbot pip instructions |
sudo /opt/certbot/bin/pip install certbot-dns-multi |
From apt, yum, dnf or any other distro package manager. (Requires Certbot 1.12.0 or newer.) |
pip install certbot-dns-multi |
via docker
Docker images for linux/amd64 and linux/arm64 are available from ghcr.io/alexzorin/certbot-dns-multi.
e.g.
docker run --rm -it -v /etc/letsencrypt:/etc/letsencrypt \
ghcr.io/alexzorin/certbot-dns-multi certonly \
-a dns-multi --dns-multi-credentials /etc/letsencrypt/dns-multi.ini \
-d "*.example.com" -d "example.com" --dry-runUsage
certbot-dns-multi is controlled via a credentials file.
-
Head to https://go-acme.github.io/lego/dns/ and find your DNS provider in the list. In this example, we'll use
cloudflare. -
Create
/etc/letsencrypt/dns-multi.iniand enter the name of your provider, all lowercase, as below:dns_multi_provider = cloudflare -
Following the instructions on https://go-acme.github.io/lego/dns/cloudflare/, we add the required configuration items:
dns_multi_provider = cloudflare CLOUDFLARE_DNS_API_TOKEN="1234567890abcdefghijklmnopqrstuvwxyz" -
Save the file and secure it:
chmod 0600 /etc/letsencrypt/dns-multi.ini -
Try issue a certificate now:
certbot certonly -a dns-multi \ --dns-multi-credentials=/etc/letsencrypt/dns-multi.ini \ -d "*.example.com" \ --dry-run -
🥳, or if not, ask on the community forums for help.