certbot-dns-leaseweb
Advanced tools
A certbot plugin that automates the process of completing a dns-01 challenge using Leaseweb's Domain API.
certbot-dns-leaseweb should be installed via pip, in the same python
environment in which certbot is installed:
pip install certbot-dns-leaseweb
Use the following flags to certbot to use and control this plugin:
| Option | Description |
|---|---|
--authenticator dns-leaseweb | required, enable and use this plugin. |
--dns-leaseweb-credentials | required, Leaseweb API credentials INI file. |
--dns-leaseweb-propagation-seconds | optional, seconds to wait for DNS records to propagate. |
A suitable API token can be generated from https://secure.leaseweb.com/api-client-management/.
The token should then be stored in an INI file:
dns_leaseweb_api_token = notarealtoken
CAUTION: These API credentials should be carefully protected from exposure and unauthorised access.
They could be used to complete DNS challenges, allowing potentially unauthorised parties to obtain or revoke certificates for your domains.
Obtain a wildcard certificate for example.com:
certbot certonly \
--authenticator dns-leaseweb \
--dns-leaseweb-credentials leaseweb.ini \
-d '*.example.com'
Obtain a wildcard certificate for example.com, with extra time for propagation:
certbot certonly \
--authenticator dns-leaseweb \
--dns-leaseweb-credentials leaseweb.ini \
--dns-leaseweb-propagation-seconds 600 \
-d '*.example.com'
If you prefer to run certbot with the dns-leaseweb plugin in docker, you can
build a suitable image with make image.
The image comes with a partially-completed CLI as its entrypoint:
/usr/local/bin/certbot \
--authenticator=dns-leaseweb \
--dns-leaseweb-credentials=/etc/letsencrypt/credentials/leaseweb.ini
You will need to create a suitable credentials file for the plugin at
/etc/letsencrypt/credentials/leaseweb.ini for the instructions below to work.
You can then use it as:
docker run --rm -ti \
--volume "/etc/letsencrypt:/etc/letsencrypt" \
--volume "/var/lib/letsencrypt:/var/lib/letsencrypt" \
certbot-dns-leaseweb:latest \
certonly \
--dns-leaseweb-propagation-seconds 600 \
-d '*.example.com'
Please report any issues (or improvement suggestions) at https://gitlab.com/iwaseatenbyagrue/certbot-dns-leaseweb/-/issues.
If you want to hack on this project, please make sure you run tests and linting on your code:
make test
To Letsencrypt, and the EFF for certbot.
This plugin is adapted from https://github.com/ctrlaltcoop/certbot-dns-hetzner, whose README was also the template for this file.
https://github.com/m42e/certbot-dns-ispconfig was also consulted during development of this plugin.
FAQs
Automate dns-01 challenge completion using Leaseweb Domains API.
We found that certbot-dns-leaseweb demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.