Closed rnakamine closed 3 years ago
Can you send us the output of certbot plugins --text
and also confirm how you installed certbot? I have a hunch you may have installed it with apt
or some other OS package manager and not pip
.
Also, just to rule it out try moving your domains to the end of the command. The usage string does specifically note that they should come last.
Certbot and plugins are installed via pip.
When I run certbot plugins --text
, I get the following:
$ certbot plugins --text
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
* dns-azure
Description: Obtain certificates using a DNS TXT record (if you are using Azure
for DNS).
Interfaces: IAuthenticator, IPlugin
Entry point: dns-azure = certbot_dns_azure._internal.dns_azure:Authenticator
* standalone
Description: Spin up a temporary webserver
Interfaces: IAuthenticator, IPlugin
Entry point: standalone = certbot._internal.plugins.standalone:Authenticator
* webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot._internal.plugins.webroot:Authenticator
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Also, move the domain to the end of the command with similar results.
$ certbot certonly --dns-azure --dns-azure-config azure.ini --config-dir ./config-dir --work-dir ./work-dir --logs-dir ./logs-dir -d <my domain>
usage:
certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...
Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,
it will attempt to use a webserver both for obtaining and installing the
certificate.
certbot: error: ambiguous option: --dns-azure could match --dns-azure-propagation-seconds, --dns-azure-config
Ah yes, this is my bad, so the plugin was initially developed as a PR to the certbot repo with some extra changes to support that --dns-azure
flag. Can you try again without the --dns-azure
flag, it should work without it.
I'll update the docs soon :)
I can run it without the --dns-azure
flag.
$ certbot certonly --dns-azure-config azure.ini --config-dir ./config-dir --work-dir ./work-dir --logs-dir ./logs-dir -d <my domain>
Saving debug log to /path/to/logs-dir/letsencrypt.log
How would you like to authenticate with the ACME CA?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Obtain certificates using a DNS TXT record (if you are using Azure for DNS).
(dns-azure)
2: Spin up a temporary webserver (standalone)
3: Place files in webroot directory (webroot)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-3] then [enter] (press 'c' to cancel):
but if you set the --noninteractive
, --agree-tos
flags to prevent user input, you will be prompted to specify a plugin.
$ certbot certonly --noninteractive --agree-tos --dns-azure-config azure.ini --config-dir ./config-dir --work-dir ./work-dir --logs-dir ./logs-dir -d <my domain>
Saving debug log to /path/to/logs-dir/letsencrypt.log
Missing command line flags. For non-interactive execution, you will need to specify a plugin on the command line. Run with '--help plugins' to see a list of options, and see https://eff.org/letsencrypt-plugins for more detail on what the plugins do and how to use them.
I'm developing a tool that uses certbot to automate certificate acquisition and I need to avoid accepting user input.
Try:
certbot certonly --authenticator dns-azure --preferred-challenges dns --noninteractive --agree-tos --dns-azure-config azure.ini --config-dir ./config-dir --work-dir ./work-dir --logs-dir ./logs-dir -d <my domain>
certbot certonly --authenticator dns-azure --preferred-challenges dns --noninteractive --agree-tos --dns-azure-config azure.ini --config-dir ./config-dir --work-dir ./work-dir --logs-dir ./logs-dir -d <my domain>``` I was able to do it! Thank you so much.
This solved my problem.
Np will update the docs to reflect how to do it fully non-interactively
Sorry my bad english skills.
Abstract
Cannot specify
--dns-azure
optionSo I can't run the certbot command in non-interactive mode.