search

ctrlaltcoop / certbot-dns-hetzner

Certbot plugin enabling dns-01 challenge on the Hetzner DNS API
Other
155 stars 24 forks source link

Renewal authenticator not registered #4

Closed robertoschwald closed 4 years ago

robertoschwald commented 4 years ago

If using the dns-hetzner authenticator, the renewal config still sets authenticator = apache

Doesn't the dns-hetzner authenticator have to be registered there automatically?

This renewal file is written, which causes "certbot renew --dry-run" to fail:

# Options used in the renewal process
[renewalparams]
authenticator = apache
...

The authenticator would be picked up automatically when specifying:

[renewalparams]
authenticator = certbot-dns-hetzner:dns-hetzner
certbot_dns_hetzner:dns_hetzner_credentials = <path>/certbot-hetzner.ini
...

Also: Is it possible to have an external plugin invoked without prefixing with certbot-dns-hetzner? Or is this possible only for the internal plugins, like https://github.com/certbot/certbot/tree/master/certbot-dns-cloudflare ?

robertoschwald commented 4 years ago

Ok, it happened only on the hosts which were using client 1.0.1. Possible root cause was #3 Added the missing entries manually on the affected hosts. All hosts which use 1.0.3 to issue certificates are fine.