Add DNS provider for Webnames

[L-Nafaryus]

Hello, I'm interested in maintaining Webnames DNS provider for lego. The current PR adds support for this registrar.

Description

Webnames is an accredited registrar in the national domain zones .рф .ru .su .ws .cc .tv .me .kz .tw, russian-language zones .ру .ком .нет .орг, and also has ICANN accreditation for registering domains in the zones .com .net .org .biz .info .mobi .name .pro .aero .jobs .travel .asia .tel .cat.

Lego Output

Test with my API key and domain

```bash $ dist/lego -m l.nafaryus@gmail.com --dns webnames -d elnafo.ru -d *.elnafo.ru -s https://acme-staging-v02.api.letsencrypt.org/directory run 2024/01/10 15:09:50 No key found for account l.nafaryus@gmail.com. Generating a P256 key. 2024/01/10 15:09:50 Saved key to /home/nafaryus/projects/lego/.lego/accounts/acme-staging-v02.api.letsencrypt.org/l.nafaryus@gmail.com/keys/l.nafaryus@gmail.com.key 2024/01/10 15:09:51 Please review the TOS at https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf Do you accept the TOS? Y/n y 2024/01/10 15:09:53 [INFO] acme: Registering account for l.nafaryus@gmail.com !!!! HEADS UP !!!! Your account credentials have been saved in your Let's Encrypt configuration directory at "/home/nafaryus/projects/lego/.lego/accounts". You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained from Let's Encrypt so making regular backups of this folder is ideal. 2024/01/10 15:09:54 [INFO] [elnafo.ru, *.elnafo.ru] acme: Obtaining bundled SAN certificate 2024/01/10 15:09:55 [INFO] [*.elnafo.ru] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/10533726804 2024/01/10 15:09:55 [INFO] [elnafo.ru] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/10533726814 2024/01/10 15:09:55 [INFO] [*.elnafo.ru] acme: use dns-01 solver 2024/01/10 15:09:55 [INFO] [elnafo.ru] acme: Could not find solver for: tls-alpn-01 2024/01/10 15:09:55 [INFO] [elnafo.ru] acme: Could not find solver for: http-01 2024/01/10 15:09:55 [INFO] [elnafo.ru] acme: use dns-01 solver 2024/01/10 15:09:55 [INFO] [*.elnafo.ru] acme: Preparing to solve DNS-01 2024/01/10 15:09:55 [INFO] [*.elnafo.ru] acme: Trying to solve DNS-01 2024/01/10 15:09:55 [INFO] [*.elnafo.ru] acme: Checking DNS record propagation using [192.168.156.1:53] 2024/01/10 15:09:57 [INFO] Wait for propagation [timeout: 10m0s, interval: 2s] 2024/01/10 15:09:57 [INFO] [*.elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/10 15:09:59 [INFO] [*.elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/10 15:10:01 [INFO] [*.elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/10 15:10:03 [INFO] [*.elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/10 15:10:15 [INFO] [*.elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/10 15:10:18 [INFO] [*.elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/10 15:10:42 [INFO] [*.elnafo.ru] The server validated our request 2024/01/10 15:10:42 [INFO] [*.elnafo.ru] acme: Cleaning DNS-01 challenge 2024/01/10 15:10:42 [INFO] sequence: wait for 1m0s 2024/01/10 15:11:42 [INFO] [elnafo.ru] acme: Preparing to solve DNS-01 2024/01/10 15:11:42 [INFO] [elnafo.ru] acme: Trying to solve DNS-01 2024/01/10 15:11:42 [INFO] [elnafo.ru] acme: Checking DNS record propagation using [192.168.156.1:53] 2024/01/10 15:11:44 [INFO] Wait for propagation [timeout: 10m0s, interval: 2s] 2024/01/10 15:11:44 [INFO] [elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/10 15:11:46 [INFO] [elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/10 15:11:48 [INFO] [elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/10 15:11:50 [INFO] [elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/10 15:11:52 [INFO] [elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/10 15:11:54 [INFO] [elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/10 15:11:56 [INFO] [elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/10 15:11:58 [INFO] [elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/10 15:12:01 [INFO] [elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/10 15:12:03 [INFO] [elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/10 15:12:05 [INFO] [elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/10 15:12:07 [INFO] [elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/10 15:12:09 [INFO] [elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/10 15:12:19 [INFO] retry due to: acme: error: 400 :: POST :: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/10533726814 :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: "qqLcudTm7cUNPvr8wh4TKEHTOxdSkRsdq9E9Pv61jaJLFWLZq-A" 2024/01/10 15:12:24 [INFO] [elnafo.ru] The server validated our request 2024/01/10 15:12:24 [INFO] [elnafo.ru] acme: Cleaning DNS-01 challenge 2024/01/10 15:12:24 [INFO] [elnafo.ru, *.elnafo.ru] acme: Validations succeeded; requesting certificates 2024/01/10 15:12:25 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] 2024/01/10 15:12:26 [INFO] [elnafo.ru] Server responded with a certificate. ```

related to #1641

[ldez]

Hello, in order for a PR adding a DNS provider to be accepted, you have to:

• [x] add a description to your PR
• [x] be able to maintain this provider
• [x] have a homogeneous design with the other providers
• [x] add tests (units)

  make test

• [x] add tests ("live") https://github.com/go-acme/lego/blob/c938de68f262c057542d44bcb67ef961cefcc60e/providers/dns/cloudflare/cloudflare_test.go#L125-L151

make test

• [x] add a provider descriptor
• [x] generate CLI help, documentation, and readme.

  make generate-dns

• [x] be able to do: (and put the output of this command to a comment in your PR)

  
  rm -rf .lego

./lego -m your@email.com --dns YOUR_PROVIDER_NAME -d *.example.com -d example.com -s https://acme-staging-v02.api.letsencrypt.org/directory run

Note the wildcard domain is important.
- [x] pass the linter ([golangci-lint](https://github.com/golangci/golangci-lint#install) must be installed):
```shell
make checks

• [x] do go mod tidy

[ldez]

Are you a customer or an employee of Webnames?

After the changes (sequential, and my update of the client) the test command should be run again and the output should be provided.

[ldez]

A public API documentation seems to be not provided by Webnames.

Inside this documentation I found this script

Based on this script, this implementation of the API client is not the "recommended" approach: the script is based on POST and your client is based on GET.

The documentation of the API is missing this is a real maintenance problem.

[L-Nafaryus]

I am a customer of Webnames. Yes, Webnames does not provide documentation for this API, I asked them today. Regtime has a different API for paid partners (resellers), but not for regular customers. So we only have two old repositories that are still in use today: acme.sh and certbot.

As for my GET based client - that was my mistake, I guess I was in a hurry. If you are thinking of declining this provider - unfortunately, I will agree with you.

The main purpose of adding the provider was so that I could easily use it with the NixOS acme module since this module is based on Lego for receiving Let's Encrypt certificates. However, I can now override this module to use the enhanced version of Lego with my branch.

To finish this client using the POST method, I just need to edit the APIResponse to wait for a number instead of a string in the Details field. Or just keep this not recommended approach with GET.

[ldez]

About the POST I will backport the work I have done inside PR #1641. About the doc, I think we will just reference the script as we have no choice. I hope webnames will create documentation in the future.

After the backport, you will need to run again the test command.

[ldez]

@L-Nafaryus can you give me the output of the test command with the new implementation?

[L-Nafaryus]

Yes, you didn't pay attention to the fact that the Details need to be changed to int, with my fix the output is following:

Test

```console $ dist/lego -m l.nafaryus@gmail.com --dns webnames -d "*.elnafo.ru" -d "elnafo.ru" -s https://acme-staging-v02.api.letsencrypt.org/directory run 2024/01/11 21:19:47 No key found for account l.nafaryus@gmail.com. Generating a P256 key. 2024/01/11 21:19:47 Saved key to /home/nafaryus/projects/lego/.lego/accounts/acme-staging-v02.api.letsencrypt.org/l.nafaryus@gmail.com/keys/l.nafaryus@gmail.com.key 2024/01/11 21:19:48 Please review the TOS at https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf Do you accept the TOS? Y/n y 2024/01/11 21:19:51 [INFO] acme: Registering account for l.nafaryus@gmail.com !!!! HEADS UP !!!! Your account credentials have been saved in your Let's Encrypt configuration directory at "/home/nafaryus/projects/lego/.lego/accounts". You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained from Let's Encrypt so making regular backups of this folder is ideal. 2024/01/11 21:19:52 [INFO] [*.elnafo.ru, elnafo.ru] acme: Obtaining bundled SAN certificate 2024/01/11 21:19:53 [INFO] [*.elnafo.ru] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/10556730004 2024/01/11 21:19:53 [INFO] [elnafo.ru] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/10556730014 2024/01/11 21:19:53 [INFO] [*.elnafo.ru] acme: use dns-01 solver 2024/01/11 21:19:53 [INFO] [elnafo.ru] acme: Could not find solver for: tls-alpn-01 2024/01/11 21:19:53 [INFO] [elnafo.ru] acme: Could not find solver for: http-01 2024/01/11 21:19:53 [INFO] [elnafo.ru] acme: use dns-01 solver 2024/01/11 21:19:53 [INFO] [*.elnafo.ru] acme: Preparing to solve DNS-01 2024/01/11 21:19:53 [INFO] [elnafo.ru] acme: Preparing to solve DNS-01 2024/01/11 21:19:53 [INFO] [*.elnafo.ru] acme: Trying to solve DNS-01 2024/01/11 21:19:53 [INFO] [*.elnafo.ru] acme: Checking DNS record propagation using [192.168.156.1:53 8.8.8.8:53] 2024/01/11 21:19:55 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s] 2024/01/11 21:19:58 [INFO] [*.elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/11 21:20:00 [INFO] [*.elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/11 21:20:02 [INFO] [*.elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/11 21:20:04 [INFO] [*.elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/11 21:20:06 [INFO] [*.elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/11 21:20:08 [INFO] [*.elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/11 21:20:11 [INFO] [*.elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/11 21:20:13 [INFO] [*.elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/11 21:20:15 [INFO] [*.elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/11 21:20:17 [INFO] [*.elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/11 21:20:19 [INFO] [*.elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/11 21:20:21 [INFO] [*.elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/11 21:20:23 [INFO] [*.elnafo.ru] acme: Waiting for DNS record propagation. 2024/01/11 21:20:37 [INFO] [*.elnafo.ru] The server validated our request 2024/01/11 21:20:37 [INFO] [elnafo.ru] acme: Trying to solve DNS-01 2024/01/11 21:20:37 [INFO] [elnafo.ru] acme: Checking DNS record propagation using [192.168.156.1:53 8.8.8.8:53] 2024/01/11 21:20:39 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s] 2024/01/11 21:20:50 [INFO] [elnafo.ru] The server validated our request 2024/01/11 21:20:50 [INFO] [*.elnafo.ru] acme: Cleaning DNS-01 challenge 2024/01/11 21:20:50 [INFO] [elnafo.ru] acme: Cleaning DNS-01 challenge 2024/01/11 21:20:50 [INFO] [*.elnafo.ru, elnafo.ru] acme: Validations succeeded; requesting certificates 2024/01/11 21:20:50 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] 2024/01/11 21:20:52 [INFO] [*.elnafo.ru] Server responded with a certificate. ```

[ldez]

can you give me examples of the response?

Because I created test files https://github.com/go-acme/lego/pull/2077/files#diff-a92c7cc80c93344751243c91f2685f9c16371cfd9fd8dd900e2f9983aaf57b7b

[L-Nafaryus]

Here is the last output

```bash 2024/01/11 21:16:55 No key found for account l.nafaryus@gmail.com. Generating a P256 key. 2024/01/11 21:16:55 Saved key to /home/nafaryus/projects/lego/.lego/accounts/acme-staging-v02.api.letsencrypt.org/l.nafaryus@gmail.com/keys/l.nafaryus@gmail.com.key 2024/01/11 21:16:56 Please review the TOS at https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf Do you accept the TOS? Y/n y 2024/01/11 21:17:02 [INFO] acme: Registering account for l.nafaryus@gmail.com !!!! HEADS UP !!!! Your account credentials have been saved in your Let's Encrypt configuration directory at "/home/nafaryus/projects/lego/.lego/accounts". You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained from Let's Encrypt so making regular backups of this folder is ideal. 2024/01/11 21:17:02 [INFO] [*.elnafo.ru, elnafo.ru] acme: Obtaining bundled SAN certificate 2024/01/11 21:17:03 [INFO] [*.elnafo.ru] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/10556699014 2024/01/11 21:17:03 [INFO] [elnafo.ru] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/10556699024 2024/01/11 21:17:03 [INFO] [*.elnafo.ru] acme: use dns-01 solver 2024/01/11 21:17:03 [INFO] [elnafo.ru] acme: Could not find solver for: tls-alpn-01 2024/01/11 21:17:03 [INFO] [elnafo.ru] acme: Could not find solver for: http-01 2024/01/11 21:17:03 [INFO] [elnafo.ru] acme: use dns-01 solver 2024/01/11 21:17:03 [INFO] [*.elnafo.ru] acme: Preparing to solve DNS-01 2024/01/11 21:17:04 [INFO] [elnafo.ru] acme: Preparing to solve DNS-01 2024/01/11 21:17:04 [INFO] [*.elnafo.ru] acme: Cleaning DNS-01 challenge 2024/01/11 21:17:04 [WARN] [*.elnafo.ru] acme: cleaning up failed: webnames: failed to remove TXT records [domain: elnafo.ru, sub domain: _acme-challenge]: unable to unmarshal response: [status code: 200] body: {"result":"OK","details":1} error: json: cannot unmarshal number into Go struct field APIResponse.details of type string 2024/01/11 21:17:04 [INFO] [elnafo.ru] acme: Cleaning DNS-01 challenge 2024/01/11 21:17:04 [WARN] [elnafo.ru] acme: cleaning up failed: webnames: failed to remove TXT records [domain: elnafo.ru, sub domain: _acme-challenge]: unable to unmarshal response: [status code: 200] body: {"details":0,"result":"OK"} error: json: cannot unmarshal number into Go struct field APIResponse.details of type string 2024/01/11 21:17:04 [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/10556699014 2024/01/11 21:17:05 [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/10556699024 2024/01/11 21:17:05 Could not obtain certificates: error: one or more domains had a problem: [*.elnafo.ru] [*.elnafo.ru] acme: error presenting token: webnames: failed to create TXT records [domain: elnafo.ru, sub domain: _acme-challenge]: unable to unmarshal response: [status code: 200] body: {"result":"OK","details":1} error: json: cannot unmarshal number into Go struct field APIResponse.details of type string [elnafo.ru] [elnafo.ru] acme: error presenting token: webnames: failed to create TXT records [domain: elnafo.ru, sub domain: _acme-challenge]: unable to unmarshal response: [status code: 200] body: {"result":"OK","details":1} error: json: cannot unmarshal number into Go struct field APIResponse.details of type string ```

[ldez]

I think I was not clear: can you give me the JSON response when an API error occurs?

I don't talk about the type change (which is right, it's a int).

[L-Nafaryus]

The responses are the same as in fixtures. And ... yeah, Details have a string type. I got it.

{"details":"zone_manager_unavailable","result":"ERROR"}

[ldez]

So the field Details as 2 types (int and string)?

[L-Nafaryus]

Yes.

[L-Nafaryus]

Now everything works fine and the tests pass.