Closed chaptergy closed 3 years ago
So we explicitly changed it from credentials as the configuration file contained info other than just credentials. I see no reason why we couldn't support both though. Will look at doing that this week.
@chaptergy can you test out the changes in master and see if it solves your problem?
I unfortunately do not have an azure account, this was basically a proxy issue. But everything does seem to work fine up until the point where actual authentication is required. Maybe @vbap would be able to test this further?
Here would be the instructions to test this on Linux and probably Mac:
python
and pip
(which should usually be included) installedpip install certbot
pip install git+https://github.com/binkhq/certbot-dns-azure.git#egg=certbot-dns-azure
credentials.ini
file according to this documentation (configuration section)chredentials.ini
file:
certbot certonly --authenticator dns-azure --dns-azure-credentials credentials.ini -d example.com --dry-run --register-unsafely-without-email
See if that works. If you get an error about Unsafe permissions on credentials configuration file
, make sure only you have read and write permissions on that file => chmod 600 credentials.ini
.
@terrycain I followed @chaptergy instructions and the dry run test passed
root@linsvr-test:~/certbot-test# certbot certonly --authenticator dns-azure --dns-azure-credentials credentials.ini -d example.net --dry-run --register-unsafely-without-email
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator dns-azure, Installer None
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server. Do you agree?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
Account registered.
Simulating a certificate request for example.net
Performing the following challenges:
dns-01 challenge for example.net
Waiting 10 seconds for DNS changes to propagate
Waiting for verification...
Cleaning up challenges
IMPORTANT NOTES:
- The dry run was successful.
I also ran it with--dns-azure-config
and that too passed
Note: I only tested with azure Service Principal option
Awesome, will do a release hopefully in the next few days
Ok 1.2.0 is out, should fix your problem.
Feel free to reopen this issue if it doesn't 😄
Hello, I am here through https://github.com/jc21/nginx-proxy-manager/issues/1087.
Unlike most other dns plugins your plugin needs the path to the config ini file passed in with the
--dns-azure-config
flag, instead of--dns-azure-credentials
.Maybe you could consider also supporting the
--dns-azure-credentials
flag? One could just take precedence over the other, if both are specified. This way the custom flag would still be supported for current implementations, but it would also support the standard approach.Thanks!