-
-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add DNS provider for Core-Networks #2101
Conversation
7b39818
to
2689c47
Compare
2689c47
to
efaa55b
Compare
efaa55b
to
1e38975
Compare
This comment was marked as outdated.
This comment was marked as outdated.
1e38975
to
d6a0520
Compare
d6a0520
to
ecef4c3
Compare
ecef4c3
to
da54a93
Compare
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
I updated the PR, I think the problem was related to a missing I also change the "mode" of the provider because, based on the translated doc, the provider doesn't support multiple records for the same domain at the same time.
Also, note that the wildcard is important:
|
9b32d94
to
bed2ba1
Compare
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
Looks good this time root@cachehost ~/lego # gh pr checkout 2101
remote: Enumerating objects: 61, done.
remote: Counting objects: 100% (54/54), done.
remote: Compressing objects: 100% (18/18), done.
remote: Total 61 (delta 35), reused 53 (delta 35), pack-reused 7 (from 1)
Unpacking objects: 100% (61/61), 9.80 KiB | 557.00 KiB/s, done.
From https://github.com/go-acme/lego
* [new ref] refs/pull/2101/head -> feat/corenetworks
Switched to branch 'feat/corenetworks'
root@cachehost ~/lego # make build
BIN_OUTPUT: dist/lego
rm -rf dist/ builds/ cover.out
Version: de7e82bcf01fef8b7058936a1022367e2757428d
go build -trimpath -ldflags '-X "main.version=de7e82bcf01fef8b7058936a1022367e2757428d"' -o dist/lego ./cmd/lego/
root@cachehost ~/lego # rm -rf .lego
root@cachehost ~/lego # LEGO_DEBUG_CLIENT_VERBOSE_ERROR=true CORENETWORKS_LOGIN="apiexample" CORENETWORKS_PASSWORD="xxxxxxx" ./dist/lego -m corenetworks@example.de --dns corenetworks -d testdomain.example.de -d example.de -s https://acme-staging-v02.api.letsencrypt.org/directory run
2024/10/25 10:48:53 No key found for account corenetworks@example.de. Generating a P256 key.
2024/10/25 10:48:53 Saved key to /root/lego/.lego/accounts/acme-staging-v02.api.letsencrypt.org/corenetworks@example.de/keys/corenetworks@example.de.key
2024/10/25 10:48:53 Please review the TOS at https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf
Do you accept the TOS? Y/n
Y
2024/10/25 10:48:55 [INFO] acme: Registering account for corenetworks@example.de
!!!! HEADS UP !!!!
Your account credentials have been saved in your Let's Encrypt
configuration directory at "/root/lego/.lego/accounts".
You should make a secure backup of this folder now. This
configuration directory will also contain certificates and
private keys obtained from Let's Encrypt so making regular
backups of this folder is ideal.
2024/10/25 10:48:56 [INFO] [testdomain.example.de, example.de] acme: Obtaining bundled SAN certificate
2024/10/25 10:48:56 [INFO] [testdomain.example.de] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/14587035213
2024/10/25 10:48:56 [INFO] [example.de] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/14587035223
2024/10/25 10:48:56 [INFO] [testdomain.example.de] acme: Could not find solver for: tls-alpn-01
2024/10/25 10:48:56 [INFO] [testdomain.example.de] acme: Could not find solver for: http-01
2024/10/25 10:48:56 [INFO] [testdomain.example.de] acme: use dns-01 solver
2024/10/25 10:48:56 [INFO] [example.de] acme: Could not find solver for: tls-alpn-01
2024/10/25 10:48:56 [INFO] [example.de] acme: Could not find solver for: http-01
2024/10/25 10:48:56 [INFO] [example.de] acme: use dns-01 solver
2024/10/25 10:48:56 [INFO] [testdomain.example.de] acme: Preparing to solve DNS-01
2024/10/25 10:48:57 [INFO] [testdomain.example.de] acme: Trying to solve DNS-01
2024/10/25 10:48:57 [INFO] [testdomain.example.de] acme: Checking DNS record propagation. [nameservers=185.12.64.1:53,[2a01:4ff:ff00::add:2]:53,185.12.64.2:53]
2024/10/25 10:48:59 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]
2024/10/25 10:49:04 [INFO] [testdomain.example.de] The server validated our request
2024/10/25 10:49:04 [INFO] [testdomain.example.de] acme: Cleaning DNS-01 challenge
2024/10/25 10:49:05 [INFO] sequence: wait for 1m0s
2024/10/25 10:50:05 [INFO] [example.de] acme: Preparing to solve DNS-01
2024/10/25 10:50:05 [INFO] [example.de] acme: Trying to solve DNS-01
2024/10/25 10:50:05 [INFO] [example.de] acme: Checking DNS record propagation. [nameservers=185.12.64.1:53,[2a01:4ff:ff00::add:2]:53,185.12.64.2:53]
2024/10/25 10:50:07 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]
2024/10/25 10:50:11 [INFO] [example.de] The server validated our request
2024/10/25 10:50:11 [INFO] [example.de] acme: Cleaning DNS-01 challenge
2024/10/25 10:50:11 [INFO] [testdomain.example.de, example.de] acme: Validations succeeded; requesting certificates
2024/10/25 10:50:11 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
2024/10/25 10:50:14 [INFO] [testdomain.example.de] Server responded with a certificate. |
I need a run with a wildcard (not a subdomain) + domain for the same root domain.
|
No problem, here you go root@cachehost ~/lego # LEGO_DEBUG_CLIENT_VERBOSE_ERROR=true CORENETWORKS_LOGIN="apiexample" CORENETWORKS_PASSWORD="xxxxxxx" ./dist/lego -m corenetworks@example.de --dns corenetworks -d *.example.de -d example.de -s https://acme-staging-v02.api.letsencrypt.org/directory run
2024/10/25 11:23:41 [INFO] [*.example.de, example.de] acme: Obtaining bundled SAN certificate
2024/10/25 11:23:42 [INFO] [*.example.de] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/14587035223
2024/10/25 11:23:42 [INFO] [example.de] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/14587436183
2024/10/25 11:23:42 [INFO] [example.de] acme: authorization already valid; skipping challenge
2024/10/25 11:23:42 [INFO] [*.example.de] acme: use dns-01 solver
2024/10/25 11:23:42 [INFO] [*.example.de] acme: Preparing to solve DNS-01
2024/10/25 11:23:42 [INFO] [*.example.de] acme: Trying to solve DNS-01
2024/10/25 11:23:42 [INFO] [*.example.de] acme: Checking DNS record propagation. [nameservers=185.12.64.1:53,[2a01:4ff:ff00::add:2]:53,185.12.64.2:53]
2024/10/25 11:23:44 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]
2024/10/25 11:23:50 [INFO] [*.example.de] The server validated our request
2024/10/25 11:23:50 [INFO] [*.example.de] acme: Cleaning DNS-01 challenge
2024/10/25 11:23:50 [INFO] [*.example.de, example.de] acme: Validations succeeded; requesting certificates
2024/10/25 11:23:51 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
2024/10/25 11:23:52 [INFO] [*.example.de] Server responded with a certificate. |
de7e82b
to
aa77a57
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
* volcengine: set API information within the default configuration (go-acme#2308) Co-authored-by: Fernandez Ludovic <ldez@users.noreply.github.com> * limacity: fix error message (go-acme#2310) * Add DNS provider for Core-Networks (go-acme#2101) * chore: update readme generator (go-acme#2311) * chore: fix readme generator (go-acme#2312) * chore: embed templates for internal commands (go-acme#2314) * chore: improve internal release command (go-acme#2315) * fix: parse printf verbs in log line output (go-acme#2317) * Add DNS provider for Regfish (go-acme#2320) * chore: update dependencies (go-acme#2321) * selectelv2: fix non-ASCII domain (go-acme#2322) Co-authored-by: Fernandez Ludovic <ldez@users.noreply.github.com> * brandit: provider deprecation (go-acme#2116) * cloudxns: provider deprecation (go-acme#2324) * chore: update issue templates * docs: use homogenous examples (go-acme#2328) * regru: update authentication method (go-acme#2325) * rfc2136: add support for tsig-keygen generated file (go-acme#2330) Co-authored-by: Dominik Menke <git@dmke.org> * Add DNS provider for Technitium (go-acme#2332) * feat: skip the TLS verification of the ACME server (go-acme#2335) * docs: add documentation for env var only options (go-acme#2337) * docs: update least privilege instructions for Cloudflare (go-acme#2339) * feat: attempt to check ARI unless explicitly disabled (go-acme#2298) Co-authored-by: Fernandez Ludovic <ldez@users.noreply.github.com> * chore: domain merge simplification (go-acme#2340) * chore: update linter (go-acme#2341) * Prepare release v4.20.0 * Detach v4.20.0 * Prepare release v4.20.1 * Detach v4.20.1 * Prepare release v4.20.2 * Detach v4.20.2 * fix: HTTP server IPv6 matching (go-acme#2345) * docs: improve changelog style (go-acme#2346) * docs: fix typos --------- Co-authored-by: 刘瑞斌 <bin@fit2cloud.com> Co-authored-by: Fernandez Ludovic <ldez@users.noreply.github.com> Co-authored-by: Dominik Menke <dom@digineo.de> Co-authored-by: Frederic Hemberger <fhemberger@users.noreply.github.com> Co-authored-by: Artem Chirkov <45077592+Archirk@users.noreply.github.com> Co-authored-by: Maksim Kamanin <79706809+tcaty@users.noreply.github.com> Co-authored-by: Dominik Menke <git@dmke.org> Co-authored-by: Josh McKinney <joshka@users.noreply.github.com> Co-authored-by: Samantha Frank <hello@entropy.cat>
go mod tidy
Ping @renne, can you run the command (with your domain, email, and credentials)?
Closes #1989