angel333 / certbot-he-hook

Certbot (Let's Encrypt) auth hook script for the Hurricane Electric DNS service
MIT License

$HE_SESSID doesn't work and README enhancement #3

Closed zaszlo closed 6 years ago

zaszlo commented 6 years ago

Hi,

I'm new to certbot and would like to have the free ssl cert with Hurricane Electric Free DNS Management (https://dns.he.net).

For the first step in the readme I get a "No renewals were attempted.", as I haven't configured any domains. For that I guess I should start with #2 from the readme, but that requires a HE_SESSID=. How do I get that HE_SESSID?

Logging in to the site and looking at the cookies, I see only a CGISESSID. I tried with that and got:

Waiting for verification...
Cleaning up challenges
Error output from certbot-he-hook.sh:
No zone for domain "" found.
/root/certbot-he-hook.sh: line 99: return: can only `return' from a function or sourced script

Failed authorization procedure. xyz.com (dns-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.xyz.com

angel333 commented 6 years ago

For that I guess I should start with #2 from the readme, but that requires a HE_SESSID=. How do I get that HE_SESSID?

Aha, that's unclear in the README, will fix that. With both "renew" and "certonly" you can use either HE_USER and HE_PASS, or HE_SESSID. In fact, if you omit the authentication details, it should tell you what to do.

For the rest of the problem - could you provide the command that you're running (with obfuscated details)?

zaszlo commented 6 years ago

sure:

HE_SESSID=5...d certbot certonly \
  --preferred-challenges dns \
  --email some@gmail.com \
  --manual \
  --manual-auth-hook /root/certbot-he-hook.sh  \
  --manual-cleanup-hook /root/certbot-he-hook.sh  \
  --manual-public-ip-logging-ok \
  --domain xyz.com

angel333 commented 6 years ago

Thanks. Could you also try it with HE_USER and HE_PASS instead of HE_SESSID?

zaszlo commented 6 years ago

Thank you, this way it did work. The SESSID was right though, I double checked and am logged in with it. But it is more convenient to just write the user/pass than to log in and check out the sessid.

angel333 commented 6 years ago

Glad it worked. Indeed, there was a bug in the HE_SESSID part. Thanks for reporting!
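
The checks below are an added example, not code from certbot-he-hook or from anyone in this thread: a pre-flight a wrapper hook could run before any DNS call, covering the credential choice, an empty domain, and `return` versus `exit`. The function names are hypothetical; `CERTBOT_DOMAIN` is the variable certbot exports to manual hooks, and the zone list is assumed to be supplied by the caller.

```bash
#!/usr/bin/env bash
# Added example: pre-flight checks for a certbot manual DNS hook.
# Function names are hypothetical; this is not the project's own code.

# Print which credential set is present; never echo the secret values.
he_auth_mode() {
  if [ -n "${HE_USER:-}" ] && [ -n "${HE_PASS:-}" ]; then
    echo userpass
  elif [ -n "${HE_SESSID:-}" ]; then
    echo sessid
  else
    echo "Set HE_USER and HE_PASS, or HE_SESSID." >&2
    return 1   # 'return' is valid here because we are inside a function
  fi
}

# Build the TXT record name for a dns-01 challenge. An empty domain is
# rejected early instead of being passed on to the zone lookup.
acme_record_name() {
  local domain="${1#\*.}"   # a wildcard name validates at its base name
  [ -n "$domain" ] || { echo "CERTBOT_DOMAIN is empty" >&2; return 1; }
  echo "_acme-challenge.$domain"
}

# Pick the longest zone that equals the domain or is a parent of it.
find_zone() {
  local domain="$1" best="" zone; shift
  for zone in "$@"; do
    case "$domain" in
      "$zone"|*."$zone")
        if [ "${#zone}" -gt "${#best}" ]; then best="$zone"; fi ;;
    esac
  done
  [ -n "$best" ] || { echo "No zone for domain \"$domain\" found." >&2; return 1; }
  echo "$best"
}

main() {
  local mode record
  mode=$(he_auth_mode) || exit 1   # stopping the script itself: exit
  record=$(acme_record_name "${CERTBOT_DOMAIN:-}") || exit 1
  echo "auth=$mode record=$record"
}

# Run only when certbot (or the caller) has exported CERTBOT_DOMAIN.
if [ -n "${CERTBOT_DOMAIN:-}" ]; then main; fi
```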