Differences

This shows you the differences between two versions of the page.

--- misc:scripts:letsencrypt-bookmyname-dnschallenge [2020/12/14 15:55] – jaxx
+++ misc:scripts:letsencrypt-bookmyname-dnschallenge [2020/12/14 16:19] – jaxx
@@ Line 4: / Line 4: @@
 <code>
-certbot certonly --manual --preferred-challenges=dns --manual-auth-hook /path/to/bmn-AAXXXX-auth.sh --manual-cleanup-hook /path/to/bmn-AAXXXX-cleanup.sh -d yourdomain.com -d *.yourdomain.com
+certbot certonly --manual --preferred-challenges=dns --manual-auth-hook /path/to/bmn-JXXXXX-auth.sh --manual-cleanup-hook /path/to/bmn-AAXXXX-cleanup.sh -d yourdomain.com -d *.yourdomain.com
 </code>
-BMN has a pseudo API, though it's slow as hell
+BMN has a pseudo API, though it's slow as hell to update (~15/20 minutes)
-<file bash bmn-ABXXXX-auth.sh>
+Obviously: place files where only your certbot runs, lock them down to be read only by whatever user runs your certonly/renew commands, often root, and change the BMN_USER/PASS variables
+Feel free to have the cleanup script loop through a ''dig _acme-challenge.$DOMAIN TXT +short | tr -d "\"" '' and clean each entry, if entries get stranded, the answer would end up to long to validate a cert request
+<file bash bmn-JXXXXX-auth.sh>
 #!/bin/bash
-BMN_USER="ABXXXX-FREE"
+BMN_USER="JXXXXX-FREE"
 BMN_PASS="plikplok"
 DOMAIN=$(expr match "$CERTBOT_DOMAIN" '.*\.\(.*\..*\)')
+# Bare TLD gets written off
 if [[ $DOMAIN == "" ]]
 then
@@ Line 53: / Line 58: @@
 </file>
-<file bash bmn-ABXXXX-cleanup.sh>
+<file bash bmn-JXXXXX-cleanup.sh>
 #!/bin/bash
-BMN_USER="ABXXXX-FREE"
+BMN_USER="JXXXXX-FREE"
 BMN_PASS="plikplok"