BookMyName hooks for LE-Certbot
The following crude scripts can be used as hooks to authenticate domains hosted by BookMyName (super cheap domains) using DNS challenges with this initial certbot command:
certbot certonly --manual --preferred-challenges=dns --manual-auth-hook /path/to/bmn-JXXXXX-auth.sh --manual-cleanup-hook /path/to/bmn-JXXXXX-cleanup.sh -d yourdomain.com -d '*.yourdomain.com'
BMN has a pseudo API, though it's slow as hell to update (~15/20 minutes).
Obviously: place the files where only your certbot runs, lock them down so they are readable only by whatever user runs your certonly/renew commands (often root), and change the BMN_USER/BMN_PASS variables.
Feel free to have the cleanup script loop through the output of dig _acme-challenge.$DOMAIN TXT +short | tr -d "\"" and clean each entry; if entries get stranded, the answer would end up too long to validate a cert request.
- bmn-JXXXXX-auth.sh
#!/bin/bash
BMN_USER="JXXXXX-FREE"
BMN_PASS="plikplok"

# Keep only the last two labels of the name certbot is validating
DOMAIN=$(expr match "$CERTBOT_DOMAIN" '.*\.\(.*\..*\)')
# Bare TLD gets written off (no match above), so fall back to the name as given
if [[ $DOMAIN == "" ]]
then
    DOMAIN=$CERTBOT_DOMAIN
fi

echo "All Domains for this cert: $CERTBOT_ALL_DOMAINS"
echo "Remaining Challenges for this cert: $CERTBOT_REMAINING_CHALLENGES"
echo "Challenging Domain: $DOMAIN"

# Publish the challenge value as a TXT record through the BMN pseudo API
curl -s -u "$BMN_USER:$BMN_PASS" "https://www.bookmyname.com/dyndns/?hostname=_acme-challenge.$DOMAIN&type=txt&ttl=300&do=add&value=\"$CERTBOT_VALIDATION\""

# Poll DNS until the record is visible: up to 40 tries, one minute apart
loopcount=0
while true
do
    if [[ $loopcount == 40 ]]
    then
        echo "Failed to validate :-("
        exit 1
    fi
    ((loopcount=loopcount+1))
    echo -n "Try number $loopcount ..."
    # -F/-x: literal, whole-line match; --: the token may start with a dash
    recordset=$(dig "_acme-challenge.$DOMAIN" TXT +short | tr -d "\"" | grep -Fx -- "$CERTBOT_VALIDATION")
    echo -n "Found '$recordset' ..."
    if [[ $recordset == "$CERTBOT_VALIDATION" ]]
    then
        echo "GOOD!"
        sleep 10s
        exit 0
    else
        echo "Having a nap..."
        sleep 1m
    fi
done
- bmn-JXXXXX-cleanup.sh
#!/bin/bash
BMN_USER="JXXXXX-FREE"
BMN_PASS="plikplok"

# Keep only the last two labels of the name certbot validated
DOMAIN=$(expr match "$CERTBOT_DOMAIN" '.*\.\(.*\..*\)')
if [[ $DOMAIN == "" ]]
then
    DOMAIN=$CERTBOT_DOMAIN
fi
echo "Domain: $DOMAIN"

# Remove the TXT record that the auth hook added for this challenge
curl -s -u "$BMN_USER:$BMN_PASS" "https://www.bookmyname.com/dyndns/?hostname=_acme-challenge.$DOMAIN&type=txt&ttl=300&do=remove&value=\"$CERTBOT_VALIDATION\""
exit 0
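The loop over stranded entries suggested above, written out as a cleanup hook. This is an added example, not part of the original page: the function names and DRY_RUN are made up here, the BookMyName URL is the one the scripts above use, and the 43-character filter relies on DNS-01 values being base64url-encoded SHA-256 digests.

```shell
#!/bin/bash
# Added example (not the page's script): cleanup hook that removes every
# stranded ACME TXT value, not just the current $CERTBOT_VALIDATION.
BMN_USER="JXXXXX-FREE"    # placeholders, as in the scripts above
BMN_PASS="plikplok"
BMN_API="https://www.bookmyname.com/dyndns/"

# Same reduction as the page's hooks: keep the last two labels of the name.
base_domain() {
    printf '%s\n' "$1" | sed -E 's/^.*\.([^.]+\.[^.]+)$/\1/'
}

# stdin: `dig +short TXT` output. stdout: unique bare values.
# A DNS-01 value is a base64url SHA-256 digest (43 chars); anything else is
# dropped so that untrusted DNS data never reaches the credentialed URL.
txt_values() {
    tr -d '"' | grep -E '^[A-Za-z0-9_-]{43}$' | sort -u
}

# $1 = record name, $2 = TXT value; same query string as the cleanup hook.
remove_url() {
    printf '%s?hostname=%s&type=txt&ttl=300&do=remove&value="%s"\n' \
        "$BMN_API" "$1" "$2"
}

# $1 = record name; stdin: dig output. DRY_RUN=1 prints the URLs instead of
# calling the API (DRY_RUN is a name made up for this example).
cleanup_stranded() {
    txt_values | while IFS= read -r value; do
        if [ -n "${DRY_RUN:-}" ]; then
            remove_url "$1" "$value"
        else
            curl -s -u "$BMN_USER:$BMN_PASS" "$(remove_url "$1" "$value")" </dev/null
        fi
    done
}

# certbot exports CERTBOT_DOMAIN when it runs the hook.
if [ -n "${CERTBOT_DOMAIN:-}" ]; then
    name="_acme-challenge.$(base_domain "$CERTBOT_DOMAIN")"
    dig "$name" TXT +short | cleanup_stranded "$name"
fi
```

Run it once with DRY_RUN=1 and CERTBOT_DOMAIN set by hand to see which removals it would request before handing it to certbot.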