Mirror
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2423 Commits
8 Branches
42 Tags
22 MiB
Tree: b32071ad04
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b32071ad04'
${ noResults }
acme.sh/dnsapi/README.md

1150 lines
32 KiB
Raw Normal View History

Update DNS API readme
8 years ago
readme for using api
9 years ago
add dns alias mode
6 years ago
Update DNS API readme
8 years ago
readme for using api
9 years ago
add link to cloudflare profil for api key
6 years ago
readme for using api
9 years ago
Update DNS API readme
8 years ago
readme for using api
9 years ago
Update DNS API readme
8 years ago
readme for using api
9 years ago
Update DNS API readme
8 years ago
readme for using api
9 years ago
Update DNS API readme
8 years ago
readme for using api
9 years ago
Update DNS API readme
8 years ago
readme for using api
9 years ago
Update DNS API readme
8 years ago
readme for using api
9 years ago
Update DNS API readme
8 years ago
readme for using api
9 years ago
Update DNS API readme
8 years ago
readme for using api
9 years ago
Update DNS API readme
8 years ago
readme for using api
9 years ago
Update DNS API readme
8 years ago
readme for using api
9 years ago
fix doc error
9 years ago
readme for using api
9 years ago
Update DNS API readme
8 years ago
readme for using api
9 years ago
Update DNS API readme
8 years ago
readme for using api
9 years ago
Update DNS API readme
8 years ago
readme for using api
9 years ago
Update DNS API readme
8 years ago
support Godaddy domaain api
8 years ago
Update DNS API readme
8 years ago
support Godaddy domaain api
8 years ago
Update DNS API readme
8 years ago
support Godaddy domaain api
8 years ago
Update DNS API readme
8 years ago
support Godaddy domaain api
8 years ago
Update DNS API readme
8 years ago
support Godaddy domaain api
8 years ago
Update DNS API readme
8 years ago
support Godaddy domaain api
8 years ago
Add support PowerDNS API (#322) * Add support PowerDNS API * Small fixes
8 years ago
Update DNS API readme
8 years ago
Add support PowerDNS API (#322) * Add support PowerDNS API * Small fixes
8 years ago
Update DNS API readme
8 years ago
Add support PowerDNS API (#322) * Add support PowerDNS API * Small fixes
8 years ago
Update DNS API readme
8 years ago
Add support PowerDNS API (#322) * Add support PowerDNS API * Small fixes
8 years ago
Update DNS API readme
8 years ago
Add support PowerDNS API (#322) * Add support PowerDNS API * Small fixes
8 years ago
Update DNS API readme
8 years ago
Add support PowerDNS API (#322) * Add support PowerDNS API * Small fixes
8 years ago
add documentation for dns_nsupdate
8 years ago
Update DNS API readme
8 years ago
support Godaddy domaain api
8 years ago
Support OVH domain api
8 years ago
readme for using api
9 years ago
Update DNS API readme
8 years ago
Update README.md
8 years ago
add documentation for dns_nsupdate
8 years ago
Update DNS API readme
8 years ago
add documentation for dns_nsupdate
8 years ago
Update DNS API readme
8 years ago
add documentation for dns_nsupdate
8 years ago
Update DNS API readme
8 years ago
Update README.md Fix usage documentation for dns_nsupdate. The NSUPDATE_KEY env needs to be a path to a file.
7 years ago
add documentation for dns_nsupdate
8 years ago
dnsapi: Add option to set zone for nsupdate Some DNS servers for which dns_nsupdate.sh is applicable (such as dyn.com's 'Standard DNS' TSIG update mechanism), require that the zone be set during the nsupdate transaction. Therefore we add a new environment variable NSUPDATE_ZONE which is used to set the zone for the DNS TSIG transaction. Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
6 years ago
add documentation for dns_nsupdate
8 years ago
Update DNS API readme
8 years ago
add documentation for dns_nsupdate
8 years ago
Update DNS API readme
8 years ago
add documentation for dns_nsupdate
8 years ago
dnsapi: Add option to set zone for nsupdate Some DNS servers for which dns_nsupdate.sh is applicable (such as dyn.com's 'Standard DNS' TSIG update mechanism), require that the zone be set during the nsupdate transaction. Therefore we add a new environment variable NSUPDATE_ZONE which is used to set the zone for the DNS TSIG transaction. Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
6 years ago
Update DNS API readme
8 years ago
add documentation for dns_nsupdate
8 years ago
Update README.md
8 years ago
READMEs edit
8 years ago
Update DNS API readme
8 years ago
READMEs edit
8 years ago
Update DNS API readme
8 years ago
READMEs edit
8 years ago
Update README.md
8 years ago
adding DNSMadeEasy API
8 years ago
Update DNS API readme
8 years ago
adding DNSMadeEasy API
8 years ago
Update DNS API readme
8 years ago
adding DNSMadeEasy API
8 years ago
Support AWS Route53 api
8 years ago
Add DNS API support for aliyun (#410) * Add DNS API support for aliyun * Update README.md * format * format * format * format... * format... * format * format * fix bug * fix bug * code format * code format * fix bug * just ok... * fix bug * fix bug * fix bug * change "echo" to "printf" * fix bug * code format * fix bug."head -c" in function _ali_nonce not supported by solaris * fix bug."head -c" in function _ali_nonce not supported by solaris * format * fix bug._ali_nonce not work on solaris * fix bug. _ali_nonce not work on solaris * fix bug. _ali_nonce not work on solaris * add aliyun.com to README.md
8 years ago
Added ISPConfig DNS API
8 years ago
Add instructions for the Alwaysdata API.
8 years ago
Added support for Linode DNS API.
8 years ago
Linode API v4 Redo The Cloud and Classic Manager work with different APIs, and so require a separate module, which we introduce here. The README has also been modified to state that the two are separate and incompatible, and provides instructions on using either.
6 years ago
Added instructions on how to get the Linode API key.
8 years ago
Added support for Linode DNS API.
8 years ago
Linode API v4 Redo The Cloud and Classic Manager work with different APIs, and so require a separate module, which we introduce here. The README has also been modified to state that the two are separate and incompatible, and provides instructions on using either.
6 years ago
Added support for Linode DNS API.
8 years ago
Added instructions on how to get the Linode API key.
8 years ago
Added support for Linode DNS API.
8 years ago
Linode API v4 Redo The Cloud and Classic Manager work with different APIs, and so require a separate module, which we introduce here. The README has also been modified to state that the two are separate and incompatible, and provides instructions on using either.
6 years ago
Added support for Linode DNS API.
8 years ago
Added instructions on how to get the Linode API key.
8 years ago
Added support for Linode DNS API.
8 years ago
Linode API v4 Redo The Cloud and Classic Manager work with different APIs, and so require a separate module, which we introduce here. The README has also been modified to state that the two are separate and incompatible, and provides instructions on using either.
6 years ago
Added instructions on how to get the Linode API key.
8 years ago
Minor edits to FreeDNS documentation
8 years ago
Updates to README.md
8 years ago
Minor edits to FreeDNS documentation
8 years ago
Updates to README.md
8 years ago
Add error message if fails to add TXT record for missing security code (probably a FreeDNS public domain)
8 years ago
spelling: automatically
8 years ago
Add error message if fails to add TXT record for missing security code (probably a FreeDNS public domain)
8 years ago
Add usage instructions and repo link to post issues.
8 years ago
Adapt to use general naming rule for account variables.
8 years ago
Add usage instructions and repo link to post issues.
8 years ago
Adapt to use general naming rule for account variables.
8 years ago
Add usage instructions and repo link to post issues.
8 years ago
add documentation
8 years ago
only reseller can use do.de's reseller interface
7 years ago
add documentation
8 years ago
add API for Gandi LiveDNS (#680) * add API for Gandi LiveDNS * ensure Gandi API key is saved for renewing certificate. * gandi_livedns: use PUT instead of POST for creating DNS record * gandi_livedns: fix formatting * dns_gandi_livedns: fix shellcheck errors
8 years ago
minor fix error message
8 years ago
add API for Gandi LiveDNS (#680) * add API for Gandi LiveDNS * ensure Gandi API key is saved for renewing certificate. * gandi_livedns: use PUT instead of POST for creating DNS record * gandi_livedns: fix formatting * dns_gandi_livedns: fix shellcheck errors
8 years ago
Add support for Knot DNS API The script is actually an adapted version of the `dns_nsupdate.sh` script, as the `knsupdate` utility is quite similar to `nsupdate`.
8 years ago
Fix the command to generate tsig key for knot api
7 years ago
Add support for Knot DNS API The script is actually an adapted version of the `dns_nsupdate.sh` script, as the `knsupdate` utility is quite similar to `nsupdate`.
8 years ago
Added DigitalOcean (native) API that requires only a read/write API key for DigitalOcean, updated 2 reads files.
8 years ago
Update README information for ClouDNS
8 years ago
Add DNS API support for ClouDNS
8 years ago
[cloudns] Add support for sub user IDs
7 years ago
Add DNS API support for ClouDNS
8 years ago
[cloudns] Add support for sub user IDs
7 years ago
Add DNS API support for ClouDNS
8 years ago
Update ClouDNS.net API doc Update ClouDNS.net API doc to show that CLOUDNS_AUTH_ID and CLOUDNS_AUTH_PASSWORD will be saved in ~/.acme.sh/account.conf
7 years ago
Add DNS API support for ClouDNS
8 years ago
Added Infoblox references
8 years ago
include dnsimple api Even though DNSimple is technically covered with lexicon not all systems can install python pip's easily. For these systems it is useful to have pure shell script API interactions.
8 years ago
Added Infoblox references
8 years ago
include dnsimple api Even though DNSimple is technically covered with lexicon not all systems can install python pip's easily. For these systems it is useful to have pure shell script API interactions.
8 years ago
Added Infoblox references
8 years ago
include dnsimple api Even though DNSimple is technically covered with lexicon not all systems can install python pip's easily. For these systems it is useful to have pure shell script API interactions.
8 years ago
Added Infoblox references
8 years ago
include dnsimple api Even though DNSimple is technically covered with lexicon not all systems can install python pip's easily. For these systems it is useful to have pure shell script API interactions.
8 years ago
Added Infoblox references
8 years ago
Resolved conflict. Resolved conflict.
8 years ago
include dnsimple api Even though DNSimple is technically covered with lexicon not all systems can install python pip's easily. For these systems it is useful to have pure shell script API interactions.
8 years ago
Resolved conflict. Resolved conflict.
8 years ago
include dnsimple api Even though DNSimple is technically covered with lexicon not all systems can install python pip's easily. For these systems it is useful to have pure shell script API interactions.
8 years ago
Resolved conflict. Resolved conflict.
8 years ago
Update README.md Fix VSCALE example (add export before VSCALE_API_KEY)
6 years ago
Resolved conflict. Resolved conflict.
8 years ago
include dnsimple api Even though DNSimple is technically covered with lexicon not all systems can install python pip's easily. For these systems it is useful to have pure shell script API interactions.
8 years ago
Resolved conflict. Resolved conflict.
8 years ago
Updated README.md (2 of 2)
8 years ago
include dnsimple api Even though DNSimple is technically covered with lexicon not all systems can install python pip's easily. For these systems it is useful to have pure shell script API interactions.
8 years ago
Add dns_vscale.sh
8 years ago
link to contributor repo for support issues relating to the dnsimple API integration
8 years ago
I can do it... just discovered vmdiff
7 years ago
last but not least
7 years ago
Updated DNS API support list.
7 years ago
Fixup dns_dreamhost travis failures
7 years ago
Update DuckDNS support, fix failure on first call, no longer save the domain/username as a global, and other tweaks
7 years ago
Updated DNS API support list.
7 years ago
Clarified the language around the Name.com steps Name.com has simplified the process to obtain API tokens, this clarifies the language around requesting a key.
7 years ago
Updated README.md for Name.com API application.
7 years ago
Fix README.md for DNS API.
7 years ago
Updated DNS API support list.
7 years ago
Fix README.md for DNS API.
7 years ago
Updated DNS API support list.
7 years ago
Add 'dns_dyn' DNS challenge validation script for Dyn Managed DNS API dns_dyn.sh, remove empty line at end dns_dyn.sh, remove trailing spaces at end of line Replace 'head -n' with the '_head_n' function Update main README.md DNS API list
7 years ago
reformat docs
7 years ago
Add 'dns_dyn' DNS challenge validation script for Dyn Managed DNS API dns_dyn.sh, remove empty line at end dns_dyn.sh, remove trailing spaces at end of line Replace 'head -n' with the '_head_n' function Update main README.md DNS API list
7 years ago
format
7 years ago
Add dns_he - DNS API script for Hurricane Electric DNS service ... Although not yet fully Posix compatible.
7 years ago
update dns he
7 years ago
Add dns_he - DNS API script for Hurricane Electric DNS service ... Although not yet fully Posix compatible.
7 years ago
Add 'dns_dyn' DNS challenge validation script for Dyn Managed DNS API dns_dyn.sh, remove empty line at end dns_dyn.sh, remove trailing spaces at end of line Replace 'head -n' with the '_head_n' function Update main README.md DNS API list
7 years ago
Add UnoEuro to README
7 years ago
update README
7 years ago
Add UnoEuro to README
7 years ago
update README
7 years ago
Add UnoEuro to README
7 years ago
Merge branch 'dev' into master
7 years ago
Add support for inwx.de API
7 years ago
Fix order in README and add link to inwx.de and apidocs
7 years ago
Add support for inwx.de API
7 years ago
Add Support for inwx mobile tan
7 years ago
added dns api for servercow
7 years ago
Add namesilo.com dns api support
7 years ago
minor
7 years ago
Update README.md
7 years ago
Usage instructions for Azure DNS
7 years ago
Relative link to Azure DNS wiki page
7 years ago
Usage instructions for Azure DNS
7 years ago
Add selectel.com(selectel.ru) DNS API. fix https://github.com/Neilpang/acme.sh/issues/1220
7 years ago
support Zonomi.com dns api: https://github.com/Neilpang/acme.sh/issues/1255
7 years ago
Merge branch 'dev' into dreamhost_dns
7 years ago
Fixup dns_dreamhost travis failures
7 years ago
Fixed Dreamhost ENV var name in dnsapi/README.md
7 years ago
Fixup dns_dreamhost travis failures
7 years ago
Add selectel.com(selectel.ru) DNS API. fix https://github.com/Neilpang/acme.sh/issues/1220
7 years ago
Add support for DirectAdmin
7 years ago
updated docs for dns_kinghost api usage
7 years ago
fixes on dnsapi/dns_kinghost.sh and dnsapi/README.md
7 years ago
updated docs for dns_kinghost api usage
7 years ago
Add support for DirectAdmin
7 years ago
Update README.md
7 years ago
Update Zilore API description
7 years ago
Update README.md
7 years ago
Update Zilore API description
7 years ago
Update README.md
7 years ago
Merge branch 'dev' of github.com:Neilpang/acme.sh
7 years ago
loopia documentation
7 years ago
add acme-dns plugin
7 years ago
add tele3-dns plugin
6 years ago
loopia documentation
7 years ago
add tele3-dns plugin
6 years ago
added netcup dns api
6 years ago
fixed shfmt related errors in dns_euserv.sh and modified README.md
6 years ago
initial version with Euserv.eu DNS API Support - added dnsapi/dns_euserv.sh - modified dnsapi/README.md
6 years ago
Modified dnsapi/README.md
6 years ago
initial version with Euserv.eu DNS API Support - added dnsapi/dns_euserv.sh - modified dnsapi/README.md
6 years ago
Modified dnsapi/README.md
6 years ago
initial version with Euserv.eu DNS API Support - added dnsapi/dns_euserv.sh - modified dnsapi/README.md
6 years ago
fixed shfmt related errors in dns_euserv.sh and modified README.md
6 years ago
initial version with Euserv.eu DNS API Support - added dnsapi/dns_euserv.sh - modified dnsapi/README.md
6 years ago
Moved dns_gcloud to 47.
6 years ago
add dns api support for dnspod.com
6 years ago
Merge branch 'dev' of https://github.com/Neilpang/acme.sh into dev
6 years ago
Moved dns_gcloud to 47.
6 years ago
Add support ConoHa DNS API
6 years ago
Merge branch 'dev' into dev
6 years ago
Merge branch 'dev' into dev
6 years ago
added netcup dns api
6 years ago
Merge branch 'dev' into dev
6 years ago
DNS plugin for Danish service gratisdns.dk Currently only supports primary domains. My use case does not involve secondary domains so I'm not sure how it behaves, and cannot test it. Might be as simple as turning all "primary"-references into a variable that's either "primary" or "secondary", and make an extra check for this in _get_domain... Cookie handling heavily inspired by freedns plugin, including caching the cookie in the config file, so we can rm without re-authenticating
6 years ago
Gratisdns.dk: Fix typo in url, also added note recommending --dnssleep 300
6 years ago
DNS plugin for Danish service gratisdns.dk Currently only supports primary domains. My use case does not involve secondary domains so I'm not sure how it behaves, and cannot test it. Might be as simple as turning all "primary"-references into a variable that's either "primary" or "secondary", and make an extra check for this in _get_domain... Cookie handling heavily inspired by freedns plugin, including caching the cookie in the config file, so we can rm without re-authenticating
6 years ago
Gratisdns.dk: Fix typo in url, also added note recommending --dnssleep 300
6 years ago
DNS plugin for Danish service gratisdns.dk Currently only supports primary domains. My use case does not involve secondary domains so I'm not sure how it behaves, and cannot test it. Might be as simple as turning all "primary"-references into a variable that's either "primary" or "secondary", and make an extra check for this in _get_domain... Cookie handling heavily inspired by freedns plugin, including caching the cookie in the config file, so we can rm without re-authenticating
6 years ago
Gratisdns.dk: Fix typo in url, also added note recommending --dnssleep 300
6 years ago
DNS plugin for Danish service gratisdns.dk Currently only supports primary domains. My use case does not involve secondary domains so I'm not sure how it behaves, and cannot test it. Might be as simple as turning all "primary"-references into a variable that's either "primary" or "secondary", and make an extra check for this in _get_domain... Cookie handling heavily inspired by freedns plugin, including caching the cookie in the config file, so we can rm without re-authenticating
6 years ago
Usage
6 years ago
README fixes
6 years ago
Usage
6 years ago
README fixes
6 years ago
Usage
6 years ago
Add DNS API support for MyDNS.JP
6 years ago
Merge branch 'dev' into feature/hosting.de-plugin
6 years ago
added hosting.de API to README's
6 years ago
hosting.de API keys can contain special chars, so using simple quotes
6 years ago
added hosting.de API to README's
6 years ago
Merge branch 'dev' into feature/hosting.de-plugin
6 years ago
Add Neodigit.net DNS API
6 years ago
Add Exoscape API support for DNSAPI
6 years ago
Update README.md
8 years ago
Update README.md
8 years ago
Update DNS API readme
8 years ago
Update README.md
8 years ago
Update DNS API readme
8 years ago
Update README.md
8 years ago
Update DNS API readme
8 years ago
Update README.md
8 years ago
Update DNS API readme
8 years ago
Update README.md
8 years ago
add dev guide
7 years ago
adding DNSMadeEasy API
8 years ago
Update README.md
8 years ago
readme for using api
9 years ago
Update DNS API readme
8 years ago
  1. # How to use DNS API
  3. If your dns provider doesn't provide api access, you can use our dns alias mode:
  5. https://github.com/Neilpang/acme.sh/wiki/DNS-alias-mode
  7. ## 1. Use CloudFlare domain API to automatically issue cert
  9. First you need to login to your CloudFlare account to get your [API key](https://dash.cloudflare.com/profile).
  11. ```
  12. export CF_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
  13. export CF_Email="xxxx@sss.com"
  14. ```
  16. Ok, let's issue a cert now:
  17. ```
  18. acme.sh --issue --dns dns_cf -d example.com -d www.example.com
  19. ```
  21. The `CF_Key` and `CF_Email` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  24. ## 2. Use DNSPod.cn domain API to automatically issue cert
  26. First you need to login to your DNSPod account to get your API Key and ID.
  28. ```
  29. export DP_Id="1234"
  30. export DP_Key="sADDsdasdgdsf"
  31. ```
  33. Ok, let's issue a cert now:
  34. ```
  35. acme.sh --issue --dns dns_dp -d example.com -d www.example.com
  36. ```
  38. The `DP_Id` and `DP_Key` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  41. ## 3. Use CloudXNS.com domain API to automatically issue cert
  43. First you need to login to your CloudXNS account to get your API Key and Secret.
  45. ```
  46. export CX_Key="1234"
  47. export CX_Secret="sADDsdasdgdsf"
  48. ```
  50. Ok, let's issue a cert now:
  51. ```
  52. acme.sh --issue --dns dns_cx -d example.com -d www.example.com
  53. ```
  55. The `CX_Key` and `CX_Secret` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  58. ## 4. Use GoDaddy.com domain API to automatically issue cert
  60. First you need to login to your GoDaddy account to get your API Key and Secret.
  62. https://developer.godaddy.com/keys/
  64. Please create a Production key, instead of a Test key.
  66. ```
  67. export GD_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
  68. export GD_Secret="asdfsdafdsfdsfdsfdsfdsafd"
  69. ```
  71. Ok, let's issue a cert now:
  72. ```
  73. acme.sh --issue --dns dns_gd -d example.com -d www.example.com
  74. ```
  76. The `GD_Key` and `GD_Secret` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  79. ## 5. Use PowerDNS embedded API to automatically issue cert
  81. First you need to login to your PowerDNS account to enable the API and set your API-Token in the configuration.
  83. https://doc.powerdns.com/md/httpapi/README/
  85. ```
  86. export PDNS_Url="http://ns.example.com:8081"
  87. export PDNS_ServerId="localhost"
  88. export PDNS_Token="0123456789ABCDEF"
  89. export PDNS_Ttl=60
  90. ```
  92. Ok, let's issue a cert now:
  93. ```
  94. acme.sh --issue --dns dns_pdns -d example.com -d www.example.com
  95. ```
  97. The `PDNS_Url`, `PDNS_ServerId`, `PDNS_Token` and `PDNS_Ttl` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  100. ## 6. Use OVH/kimsufi/soyoustart/runabove API to automatically issue cert
  102. https://github.com/Neilpang/acme.sh/wiki/How-to-use-OVH-domain-api
  105. ## 7. Use nsupdate to automatically issue cert
  107. First, generate a key for updating the zone
  108. ```
  109. b=$(dnssec-keygen -a hmac-sha512 -b 512 -n USER -K /tmp foo)
  110. cat > /etc/named/keys/update.key <<EOF
  111. key "update" {
  112. algorithm hmac-sha512;
  113. secret "$(awk '/^Key/{print $2}' /tmp/$b.private)";
  114. };
  115. EOF
  116. rm -f /tmp/$b.{private,key}
  117. ```
  119. Include this key in your named configuration
  120. ```
  121. include "/etc/named/keys/update.key";
  122. ```
  124. Next, configure your zone to allow dynamic updates.
  126. Depending on your named version, use either
  127. ```
  128. zone "example.com" {
  129. type master;
  130. allow-update { key "update"; };
  131. };
  132. ```
  133. or
  134. ```
  135. zone "example.com" {
  136. type master;
  137. update-policy {
  138. grant update subdomain example.com.;
  139. };
  140. }
  141. ```
  143. Finally, make the DNS server and update Key available to `acme.sh`
  145. ```
  146. export NSUPDATE_SERVER="dns.example.com"
  147. export NSUPDATE_KEY="/path/to/your/nsupdate.key"
  148. ```
  149. and optionally (depending on DNS server)
  150. ```
  151. export NSUPDATE_ZONE="example.com"
  152. ```
  154. Ok, let's issue a cert now:
  155. ```
  156. acme.sh --issue --dns dns_nsupdate -d example.com -d www.example.com
  157. ```
  159. The `NSUPDATE_SERVER`, `NSUPDATE_KEY`, and `NSUPDATE_ZONE` settings will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  162. ## 8. Use LuaDNS domain API
  164. Get your API token at https://api.luadns.com/settings
  166. ```
  167. export LUA_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
  168. export LUA_Email="xxxx@sss.com"
  169. ```
  171. To issue a cert:
  172. ```
  173. acme.sh --issue --dns dns_lua -d example.com -d www.example.com
  174. ```
  176. The `LUA_Key` and `LUA_Email` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  179. ## 9. Use DNSMadeEasy domain API
  181. Get your API credentials at https://cp.dnsmadeeasy.com/account/info
  183. ```
  184. export ME_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
  185. export ME_Secret="qdfqsdfkjdskfj"
  186. ```
  188. To issue a cert:
  189. ```
  190. acme.sh --issue --dns dns_me -d example.com -d www.example.com
  191. ```
  193. The `ME_Key` and `ME_Secret` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  196. ## 10. Use Amazon Route53 domain API
  198. https://github.com/Neilpang/acme.sh/wiki/How-to-use-Amazon-Route53-API
  200. ```
  201. export AWS_ACCESS_KEY_ID=XXXXXXXXXX
  202. export AWS_SECRET_ACCESS_KEY=XXXXXXXXXXXXXXX
  203. ```
  205. To issue a cert:
  206. ```
  207. acme.sh --issue --dns dns_aws -d example.com -d www.example.com
  208. ```
  210. The `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  212. ## 11. Use Aliyun domain API to automatically issue cert
  214. First you need to login to your Aliyun account to get your API key.
  215. [https://ak-console.aliyun.com/#/accesskey](https://ak-console.aliyun.com/#/accesskey)
  217. ```
  218. export Ali_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
  219. export Ali_Secret="jlsdflanljkljlfdsaklkjflsa"
  220. ```
  222. Ok, let's issue a cert now:
  223. ```
  224. acme.sh --issue --dns dns_ali -d example.com -d www.example.com
  225. ```
  227. The `Ali_Key` and `Ali_Secret` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  229. ## 12. Use ISPConfig 3.1 API
  231. This only works for ISPConfig 3.1 (and newer).
  233. Create a Remote User in the ISPConfig Control Panel. The Remote User must have access to at least `DNS zone functions` and `DNS txt functions`.
  235. ```
  236. export ISPC_User="xxx"
  237. export ISPC_Password="xxx"
  238. export ISPC_Api="https://ispc.domain.tld:8080/remote/json.php"
  239. export ISPC_Api_Insecure=1
  240. ```
  241. If you have installed ISPConfig on a different port, then alter the 8080 accordingly.
  242. Leaver ISPC_Api_Insecure set to 1 if you have not a valid ssl cert for your installation. Change it to 0 if you have a valid ssl cert.
  244. To issue a cert:
  245. ```
  246. acme.sh --issue --dns dns_ispconfig -d example.com -d www.example.com
  247. ```
  249. The `ISPC_User`, `ISPC_Password`, `ISPC_Api`and `ISPC_Api_Insecure` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  251. ## 13. Use Alwaysdata domain API
  253. First you need to login to your Alwaysdata account to get your API Key.
  255. ```sh
  256. export AD_API_KEY="myalwaysdataapikey"
  257. ```
  259. Ok, let's issue a cert now:
  261. ```sh
  262. acme.sh --issue --dns dns_ad -d example.com -d www.example.com
  263. ```
  265. The `AD_API_KEY` will be saved in `~/.acme.sh/account.conf` and will be reused
  266. when needed.
  268. ## 14. Use Linode domain API
  270. The tokens created in the classic manager and cloud manager are incompatible
  271. with one another. While the classic manager makes an all or nothing API, the
  272. newer cloud manager interface promises to produce API keys with a finer
  273. permission system. However, either way works just fine.
  275. ### Classic Manager ###
  277. Classic Manager: https://manager.linode.com/profile/api
  279. First you need to login to your Linode account to get your API Key.
  281. Then add an API key with label *ACME* and copy the new key into the following
  282. command.
  284. ```sh
  285. export LINODE_API_KEY="..."
  286. ```
  288. Due to the reload time of any changes in the DNS records, we have to use the
  289. `dnssleep` option to wait at least 15 minutes for the changes to take effect.
  291. Ok, let's issue a cert now:
  293. ```sh
  294. acme.sh --issue --dns dns_linode --dnssleep 900 -d example.com -d www.example.com
  295. ```
  297. The `LINODE_API_KEY` will be saved in `~/.acme.sh/account.conf` and will be
  298. reused when needed.
  300. ### Cloud Manager ###
  302. Cloud Manager: https://cloud.linode.com/profile/tokens
  304. First you need to login to your Linode account to get your API Key.
  306. 1. Click on "Add a Personal Access Token".
  307. 2. Give the new key a "Label" (we recommend *ACME*)
  308. 3. Give it Read/Write access to "Domains"
  309. 4. "Submit" and copy the new key into the `LINODE_V4_API_KEY` command below.
  311. ```sh
  312. export LINODE_V4_API_KEY="..."
  313. ```
  315. Due to the reload time of any changes in the DNS records, we have to use the
  316. `dnssleep` option to wait at least 15 minutes for the changes to take effect.
  318. Ok, let's issue a cert now:
  320. ```sh
  321. acme.sh --issue --dns dns_linode_v4 --dnssleep 900 -d example.com -d www.example.com
  322. ```
  324. The `LINODE_V4_API_KEY` will be saved in `~/.acme.sh/account.conf` and will be
  325. reused when needed.
  327. ## 15. Use FreeDNS
  329. FreeDNS (https://freedns.afraid.org/) does not provide an API to update DNS records (other than IPv4 and IPv6
  330. dynamic DNS addresses). The acme.sh plugin therefore retrieves and updates domain TXT records by logging
  331. into the FreeDNS website to read the HTML and posting updates as HTTP. The plugin needs to know your
  332. userid and password for the FreeDNS website.
  334. ```sh
  335. export FREEDNS_User="..."
  336. export FREEDNS_Password="..."
  337. ```
  339. You need only provide this the first time you run the acme.sh client with FreeDNS validation and then again
  340. whenever you change your password at the FreeDNS site. The acme.sh FreeDNS plugin does not store your userid
  341. or password but rather saves an authentication token returned by FreeDNS in `~/.acme.sh/account.conf` and
  342. reuses that when needed.
  344. Now you can issue a certificate.
  346. ```sh
  347. acme.sh --issue --dns dns_freedns -d example.com -d www.example.com
  348. ```
  350. Note that you cannot use acme.sh automatic DNS validation for FreeDNS public domains or for a subdomain that
  351. you create under a FreeDNS public domain. You must own the top level domain in order to automatically
  352. validate with acme.sh at FreeDNS.
  354. ## 16. Use cyon.ch
  356. You only need to set your cyon.ch login credentials.
  357. If you also have 2 Factor Authentication (OTP) enabled, you need to set your secret token too and have `oathtool` installed.
  359. ```
  360. export CY_Username="your_cyon_username"
  361. export CY_Password="your_cyon_password"
  362. export CY_OTP_Secret="your_otp_secret" # Only required if using 2FA
  363. ```
  365. To issue a cert:
  366. ```
  367. acme.sh --issue --dns dns_cyon -d example.com -d www.example.com
  368. ```
  370. The `CY_Username`, `CY_Password` and `CY_OTP_Secret` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  372. ## 17. Use Domain-Offensive/Resellerinterface/Domainrobot API
  374. ATTENTION: You need to be a registered Reseller to be able to use the ResellerInterface. As a normal user you can not use this method.
  376. You will need your login credentials (Partner ID+Password) to the Resellerinterface, and export them before you run `acme.sh`:
  377. ```
  378. export DO_PID="KD-1234567"
  379. export DO_PW="cdfkjl3n2"
  380. ```
  382. Ok, let's issue a cert now:
  383. ```
  384. acme.sh --issue --dns dns_do -d example.com -d www.example.com
  385. ```
  387. ## 18. Use Gandi LiveDNS API
  389. You must enable the new Gandi LiveDNS API first and the create your api key, See: http://doc.livedns.gandi.net/
  391. ```
  392. export GANDI_LIVEDNS_KEY="fdmlfsdklmfdkmqsdfk"
  393. ```
  395. Ok, let's issue a cert now:
  396. ```
  397. acme.sh --issue --dns dns_gandi_livedns -d example.com -d www.example.com
  398. ```
  400. ## 19. Use Knot (knsupdate) DNS API to automatically issue cert
  402. First, generate a TSIG key for updating the zone.
  404. ```
  405. keymgr tsig generate -t acme_key hmac-sha512 > /etc/knot/acme.key
  406. ```
  408. Include this key in your knot configuration file.
  410. ```
  411. include: /etc/knot/acme.key
  412. ```
  414. Next, configure your zone to allow dynamic updates.
  416. Dynamic updates for the zone are allowed via proper ACL rule with the `update` action. For in-depth instructions, please see [Knot DNS's documentation](https://www.knot-dns.cz/documentation/).
  418. ```
  419. acl:
  420. - id: acme_acl
  421. address: 192.168.1.0/24
  422. key: acme_key
  423. action: update
  425. zone:
  426. - domain: example.com
  427. file: example.com.zone
  428. acl: acme_acl
  429. ```
  431. Finally, make the DNS server and TSIG Key available to `acme.sh`
  433. ```
  434. export KNOT_SERVER="dns.example.com"
  435. export KNOT_KEY=`grep \# /etc/knot/acme.key | cut -d' ' -f2`
  436. ```
  438. Ok, let's issue a cert now:
  439. ```
  440. acme.sh --issue --dns dns_knot -d example.com -d www.example.com
  441. ```
  443. The `KNOT_SERVER` and `KNOT_KEY` settings will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  445. ## 20. Use DigitalOcean API (native)
  447. You need to obtain a read and write capable API key from your DigitalOcean account. See: https://www.digitalocean.com/help/api/
  449. ```
  450. export DO_API_KEY="75310dc4ca779ac39a19f6355db573b49ce92ae126553ebd61ac3a3ae34834cc"
  451. ```
  453. Ok, let's issue a cert now:
  454. ```
  455. acme.sh --issue --dns dns_dgon -d example.com -d www.example.com
  456. ```
  458. ## 21. Use ClouDNS.net API
  460. You need to set the HTTP API user ID and password credentials. See: https://www.cloudns.net/wiki/article/42/. For security reasons, it's recommended to use a sub user ID that only has access to the necessary zones, as a regular API user has access to your entire account.
  462. ```
  463. # Use this for a sub auth ID
  464. export CLOUDNS_SUB_AUTH_ID=XXXXX
  465. # Use this for a regular auth ID
  466. #export CLOUDNS_AUTH_ID=XXXXX
  467. export CLOUDNS_AUTH_PASSWORD="YYYYYYYYY"
  468. ```
  470. Ok, let's issue a cert now:
  471. ```
  472. acme.sh --issue --dns dns_cloudns -d example.com -d www.example.com
  473. ```
  474. The `CLOUDNS_AUTH_ID` and `CLOUDNS_AUTH_PASSWORD` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  476. ## 22. Use Infoblox API
  478. First you need to create/obtain API credentials on your Infoblox appliance.
  480. ```
  481. export Infoblox_Creds="username:password"
  482. export Infoblox_Server="ip or fqdn of infoblox appliance"
  483. ```
  485. Ok, let's issue a cert now:
  486. ```
  487. acme.sh --issue --dns dns_infoblox -d example.com -d www.example.com
  488. ```
  490. Note: This script will automatically create and delete the ephemeral txt record.
  491. The `Infoblox_Creds` and `Infoblox_Server` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  494. ## 23. Use VSCALE API
  496. First you need to create/obtain API tokens on your [settings panel](https://vscale.io/panel/settings/tokens/).
  498. ```
  499. export VSCALE_API_KEY="sdfsdfsdfljlbjkljlkjsdfoiwje"
  500. ```
  502. Ok, let's issue a cert now:
  503. ```
  504. acme.sh --issue --dns dns_vscale -d example.com -d www.example.com
  505. ```
  507. ## 24. Use Dynu API
  509. First you need to create/obtain API credentials from your Dynu account. See: https://www.dynu.com/resources/api/documentation
  511. ```
  512. export Dynu_ClientId="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
  513. export Dynu_Secret="yyyyyyyyyyyyyyyyyyyyyyyyy"
  514. ```
  516. Ok, let's issue a cert now:
  517. ```
  518. acme.sh --issue --dns dns_dynu -d example.com -d www.example.com
  519. ```
  521. The `Dynu_ClientId` and `Dynu_Secret` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  523. ## 25. Use DNSimple API
  525. First you need to login to your DNSimple account and generate a new oauth token.
  527. https://dnsimple.com/a/{your account id}/account/access_tokens
  529. Note that this is an _account_ token and not a user token. The account token is
  530. needed to infer the `account_id` used in requests. A user token will not be able
  531. to determine the correct account to use.
  533. ```
  534. export DNSimple_OAUTH_TOKEN="sdfsdfsdfljlbjkljlkjsdfoiwje"
  535. ```
  537. To issue the cert just specify the `dns_dnsimple` API.
  539. ```
  540. acme.sh --issue --dns dns_dnsimple -d example.com
  541. ```
  543. The `DNSimple_OAUTH_TOKEN` will be saved in `~/.acme.sh/account.conf` and will
  544. be reused when needed.
  546. If you have any issues with this integration please report them to
  547. https://github.com/pho3nixf1re/acme.sh/issues.
  549. ## 26. Use NS1.com API
  551. ```
  552. export NS1_Key="fdmlfsdklmfdkmqsdfk"
  553. ```
  555. Ok, let's issue a cert now:
  556. ```
  557. acme.sh --issue --dns dns_nsone -d example.com -d www.example.com
  558. ```
  560. ## 27. Use DuckDNS.org API
  562. ```
  563. export DuckDNS_Token="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
  564. ```
  566. Please note that since DuckDNS uses StartSSL as their cert provider, thus
  567. --insecure may need to be used when issuing certs:
  568. ```
  569. acme.sh --insecure --issue --dns dns_duckdns -d mydomain.duckdns.org
  570. ```
  572. For issues, please report to https://github.com/raidenii/acme.sh/issues.
  574. ## 28. Use Name.com API
  576. Create your API token here: https://www.name.com/account/settings/api
  578. Note: `Namecom_Username` should be your Name.com username and not the token name. If you accidentally run the script with the token name as the username see `~/.acme.sh/account.conf` to fix the issue
  580. ```
  581. export Namecom_Username="testuser"
  582. export Namecom_Token="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
  583. ```
  585. And now you can issue certs with:
  587. ```
  588. acme.sh --issue --dns dns_namecom -d example.com -d www.example.com
  589. ```
  591. For issues, please report to https://github.com/raidenii/acme.sh/issues.
  593. ## 29. Use Dyn Managed DNS API to automatically issue cert
  595. First, login to your Dyn Managed DNS account: https://portal.dynect.net/login/
  597. It is recommended to add a new user specific for API access.
  599. The minimum "Zones & Records Permissions" required are:
  600. ```
  601. RecordAdd
  602. RecordUpdate
  603. RecordDelete
  604. RecordGet
  605. ZoneGet
  606. ZoneAddNode
  607. ZoneRemoveNode
  608. ZonePublish
  609. ```
  611. Pass the API user credentials to the environment:
  612. ```
  613. export DYN_Customer="customer"
  614. export DYN_Username="apiuser"
  615. export DYN_Password="secret"
  616. ```
  618. Ok, let's issue a cert now:
  619. ```
  620. acme.sh --issue --dns dns_dyn -d example.com -d www.example.com
  621. ```
  623. The `DYN_Customer`, `DYN_Username` and `DYN_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  625. ## 30. Use pdd.yandex.ru API
  627. ```
  628. export PDD_Token="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
  629. ```
  631. Follow these instructions to get the token for your domain https://tech.yandex.com/domain/doc/concepts/access-docpage/
  632. ```
  633. acme.sh --issue --dns dns_yandex -d mydomain.example.org
  634. ```
  636. For issues, please report to https://github.com/non7top/acme.sh/issues.
  638. ## 31. Use Hurricane Electric
  640. Hurricane Electric (https://dns.he.net/) doesn't have an API so just set your login credentials like so:
  642. ```
  643. export HE_Username="yourusername"
  644. export HE_Password="password"
  645. ```
  647. Then you can issue your certificate:
  649. ```
  650. acme.sh --issue --dns dns_he -d example.com -d www.example.com
  651. ```
  653. The `HE_Username` and `HE_Password` settings will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  655. Please report any issues to https://github.com/angel333/acme.sh or to <me@ondrejsimek.com>.
  657. ## 32. Use UnoEuro API to automatically issue cert
  659. First you need to login to your UnoEuro account to get your API key.
  661. ```
  662. export UNO_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
  663. export UNO_User="UExxxxxx"
  664. ```
  666. Ok, let's issue a cert now:
  667. ```
  668. acme.sh --issue --dns dns_unoeuro -d example.com -d www.example.com
  669. ```
  671. The `UNO_Key` and `UNO_User` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  673. ## 33. Use INWX
  675. [INWX](https://www.inwx.de/) offers an [xmlrpc api](https://www.inwx.de/de/help/apidoc) with your standard login credentials, set them like so:
  677. ```
  678. export INWX_User="yourusername"
  679. export INWX_Password="password"
  680. ```
  682. Then you can issue your certificates with:
  684. ```
  685. acme.sh --issue --dns dns_inwx -d example.com -d www.example.com
  686. ```
  688. The `INWX_User` and `INWX_Password` settings will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  690. If your account is secured by mobile tan you have also defined the shared secret.
  692. ```
  693. export INWX_Shared_Secret="shared secret"
  694. ```
  696. You may need to re-enable the mobile tan to gain the shared secret.
  698. ## 34. User Servercow API v1
  700. Create a new user from the servercow control center. Don't forget to activate **DNS API** for this user.
  702. ```
  703. export SERVERCOW_API_Username=username
  704. export SERVERCOW_API_Password=password
  705. ```
  707. Now you cann issue a cert:
  709. ```
  710. acme.sh --issue --dns dns_servercow -d example.com -d www.example.com
  711. ```
  712. Both, `SERVERCOW_API_Username` and `SERVERCOW_API_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  714. ## 35. Use Namesilo.com API
  716. You'll need to generate an API key at https://www.namesilo.com/account_api.php
  717. Optionally you may restrict the access to an IP range there.
  719. ```
  720. export Namesilo_Key="xxxxxxxxxxxxxxxxxxxxxxxx"
  721. ```
  723. And now you can issue certs with:
  725. ```
  726. acme.sh --issue --dns dns_namesilo --dnssleep 900 -d example.com -d www.example.com
  727. ```
  729. ## 36. Use autoDNS (InternetX)
  731. [InternetX](https://www.internetx.com/) offers an [xml api](https://help.internetx.com/display/API/AutoDNS+XML-API) with your standard login credentials, set them like so:
  733. ```
  734. export AUTODNS_USER="yourusername"
  735. export AUTODNS_PASSWORD="password"
  736. export AUTODNS_CONTEXT="context"
  737. ```
  739. Then you can issue your certificates with:
  741. ```
  742. acme.sh --issue --dns dns_autodns -d example.com -d www.example.com
  743. ```
  745. The `AUTODNS_USER`, `AUTODNS_PASSWORD` and `AUTODNS_CONTEXT` settings will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  747. ## 37. Use Azure DNS
  749. You have to create a service principal first. See:[How to use Azure DNS](../../../wiki/How-to-use-Azure-DNS)
  751. ```
  752. export AZUREDNS_SUBSCRIPTIONID="12345678-9abc-def0-1234-567890abcdef"
  753. export AZUREDNS_TENANTID="11111111-2222-3333-4444-555555555555"
  754. export AZUREDNS_APPID="3b5033b5-7a66-43a5-b3b9-a36b9e7c25ed"
  755. export AZUREDNS_CLIENTSECRET="1b0224ef-34d4-5af9-110f-77f527d561bd"
  756. ```
  758. Then you can issue your certificates with:
  760. ```
  761. acme.sh --issue --dns dns_azure -d example.com -d www.example.com
  762. ```
  764. `AZUREDNS_SUBSCRIPTIONID`, `AZUREDNS_TENANTID`,`AZUREDNS_APPID` and `AZUREDNS_CLIENTSECRET` settings will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  766. ## 38. Use selectel.com(selectel.ru) domain API to automatically issue cert
  768. First you need to login to your account to get your API key from: https://my.selectel.ru/profile/apikeys.
  770. ```sh
  771. export SL_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
  773. ```
  775. Ok, let's issue a cert now:
  776. ```
  777. acme.sh --issue --dns dns_selectel -d example.com -d www.example.com
  778. ```
  780. The `SL_Key` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  782. ## 39. Use zonomi.com domain API to automatically issue cert
  784. First you need to login to your account to find your API key from: http://zonomi.com/app/dns/dyndns.jsp
  786. Your will find your api key in the example urls:
  788. ```sh
  789. https://zonomi.com/app/dns/dyndns.jsp?host=example.com&api_key=1063364558943540954358668888888888
  790. ```
  792. ```sh
  793. export ZM_Key="1063364558943540954358668888888888"
  795. ```
  797. Ok, let's issue a cert now:
  798. ```
  799. acme.sh --issue --dns dns_zonomi -d example.com -d www.example.com
  800. ```
  802. The `ZM_Key` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  804. ## 40. Use DreamHost DNS API
  806. DNS API keys may be created at https://panel.dreamhost.com/?tree=home.api.
  807. Ensure the created key has add and remove privelages.
  809. ```
  810. export DH_API_KEY="<api key>"
  811. acme.sh --issue --dns dns_dreamhost -d example.com -d www.example.com
  812. ```
  814. The 'DH_API_KEY' will be saved in `~/.acme.sh/account.conf` and will
  815. be reused when needed.
  817. ## 41. Use DirectAdmin API
  818. The DirectAdmin interface has it's own Let's encrypt functionality, but this
  819. script can be used to generate certificates for names which are not hosted on
  820. DirectAdmin
  822. User must provide login data and URL to the DirectAdmin incl. port.
  823. You can create an user which only has access to
  825. - CMD_API_DNS_CONTROL
  826. - CMD_API_SHOW_DOMAINS
  828. By using the Login Keys function.
  829. See also https://www.directadmin.com/api.php and https://www.directadmin.com/features.php?id=1298
  831. ```
  832. export DA_Api="https://remoteUser:remotePassword@da.domain.tld:8443"
  833. export DA_Api_Insecure=1
  834. ```
  835. Set `DA_Api_Insecure` to 1 for insecure and 0 for secure -> difference is whether ssl cert is checked for validity (0) or whether it is just accepted (1)
  837. Ok, let's issue a cert now:
  838. ```
  839. acme.sh --issue --dns dns_da -d example.com -d www.example.com
  840. ```
  842. The `DA_Api` and `DA_Api_Insecure` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  844. ## 42. Use KingHost DNS API
  846. API access must be enabled at https://painel.kinghost.com.br/painel.api.php
  848. ```
  849. export KINGHOST_Username="yourusername"
  850. export KINGHOST_Password="yourpassword"
  851. acme.sh --issue --dns dns_kinghost -d example.com -d *.example.com
  852. ```
  854. The `KINGHOST_username` and `KINGHOST_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  856. ## 43. Use Zilore DNS API
  858. First, get your API key at https://my.zilore.com/account/api
  860. ```
  861. export Zilore_Key="5dcad3a2-36cb-50e8-cb92-000002f9"
  862. ```
  864. Ok, let's issue a cert now:
  865. ```
  866. acme.sh --issue --dns dns_zilore -d example.com -d *.example.com
  867. ```
  869. The `Zilore_Key` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  871. ## 44. Use Loopia.se API
  872. User must provide login credentials to the Loopia API.
  873. The user needs the following permissions:
  875. - addSubdomain
  876. - updateZoneRecord
  877. - getDomains
  878. - removeSubdomain
  880. Set the login credentials:
  881. ```
  882. export LOOPIA_User="user@loopiaapi"
  883. export LOOPIA_Password="password"
  884. ```
  886. And to issue a cert:
  887. ```
  888. acme.sh --issue --dns dns_loopia -d example.com -d *.example.com
  889. ```
  891. The username and password will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  892. ## 45. Use ACME DNS API
  894. ACME DNS is a limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely.
  895. https://github.com/joohoi/acme-dns
  897. ```
  898. export ACMEDNS_UPDATE_URL="https://auth.acme-dns.io/update"
  899. export ACMEDNS_USERNAME="<username>"
  900. export ACMEDNS_PASSWORD="<password>"
  901. export ACMEDNS_SUBDOMAIN="<subdomain>"
  903. acme.sh --issue --dns dns_acmedns -d example.com -d www.example.com
  904. ```
  906. The credentials will be saved in `~/.acme.sh/account.conf` and will
  907. be reused when needed.
  908. ## 46. Use TELE3 API
  910. First you need to login to your TELE3 account to set your API-KEY.
  911. https://www.tele3.cz/system-acme-api.html
  913. ```
  914. export TELE3_Key="MS2I4uPPaI..."
  915. export TELE3_Secret="kjhOIHGJKHg"
  917. acme.sh --issue --dns dns_tele3 -d example.com -d *.example.com
  918. ```
  920. The TELE3_Key and TELE3_Secret will be saved in ~/.acme.sh/account.conf and will be reused when needed.
  922. ## 47. Use Euserv.eu API
  924. First you need to login to your euserv.eu account and activate your API Administration (API Verwaltung).
  925. [https://support.euserv.com](https://support.euserv.com)
  927. Once you've activate, login to your API Admin Interface and create an API account.
  928. Please specify the scope (active groups: domain) and assign the allowed IPs.
  930. ```
  931. export EUSERV_Username="99999.user123"
  932. export EUSERV_Password="Asbe54gHde"
  933. ```
  935. Ok, let's issue a cert now: (Be aware to use the `--insecure` flag, cause euserv.eu is still using self-signed certificates!)
  936. ```
  937. acme.sh --issue --dns dns_euserv -d example.com -d *.example.com --insecure
  938. ```
  940. The `EUSERV_Username` and `EUSERV_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  942. Please report any issues to https://github.com/initit/acme.sh or to <github@initit.de>
  944. ## 48. Use DNSPod.com domain API to automatically issue cert
  946. First you need to get your API Key and ID by this [get-the-user-token](https://www.dnspod.com/docs/info.html#get-the-user-token).
  948. ```
  949. export DPI_Id="1234"
  950. export DPI_Key="sADDsdasdgdsf"
  951. ```
  953. Ok, let's issue a cert now:
  954. ```
  955. acme.sh --issue --dns dns_dpi -d example.com -d www.example.com
  956. ```
  958. The `DPI_Id` and `DPI_Key` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  960. ## 49. Use Google Cloud DNS API to automatically issue cert
  962. First you need to authenticate to gcloud.
  964. ```
  965. gcloud init
  966. ```
  968. **The `dns_gcloud` script uses the active gcloud configuration and credentials.**
  969. There is no logic inside `dns_gcloud` to override the project and other settings.
  970. If needed, create additional [gcloud configurations](https://cloud.google.com/sdk/gcloud/reference/topic/configurations).
  971. You can change the configuration being used without *activating* it; simply set the `CLOUDSDK_ACTIVE_CONFIG_NAME` environment variable.
  973. To issue a certificate you can:
  974. ```
  975. export CLOUDSDK_ACTIVE_CONFIG_NAME=default # see the note above
  976. acme.sh --issue --dns dns_gcloud -d example.com -d '*.example.com'
  977. ```
  979. `dns_gcloud` also supports [DNS alias mode](https://github.com/Neilpang/acme.sh/wiki/DNS-alias-mode).
  981. ## 50. Use ConoHa API
  983. First you need to login to your ConoHa account to get your API credentials.
  985. ```
  986. export CONOHA_Username="xxxxxx"
  987. export CONOHA_Password="xxxxxx"
  988. export CONOHA_TenantId="xxxxxx"
  989. export CONOHA_IdentityServiceApi="https://identity.xxxx.conoha.io/v2.0"
  990. ```
  992. To issue a cert:
  993. ```
  994. acme.sh --issue --dns dns_conoha -d example.com -d www.example.com
  995. ```
  997. The `CONOHA_Username`, `CONOHA_Password`, `CONOHA_TenantId` and `CONOHA_IdentityServiceApi` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  999. ## 51. Use netcup DNS API to automatically issue cert
  1001. First you need to login in your CCP account to get your API Key and API Password.
  1002. ```
  1003. export NC_Apikey="<Apikey>"
  1004. export NC_Apipw="<Apipassword>"
  1005. export NC_CID="<Customernumber>"
  1006. ```
  1008. Now, let's issue a cert:
  1009. ```
  1010. acme.sh --issue --dns dns_netcup -d example.com -d www.example.com
  1011. ```
  1013. The `NC_Apikey`,`NC_Apipw` and `NC_CID` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  1015. ## 52. Use GratisDNS.dk
  1017. GratisDNS.dk (https://gratisdns.dk/) does not provide an API to update DNS records (other than IPv4 and IPv6
  1018. dynamic DNS addresses). The acme.sh plugin therefore retrieves and updates domain TXT records by logging
  1019. into the GratisDNS website to read the HTML and posting updates as HTTP. The plugin needs to know your
  1020. userid and password for the GratisDNS website.
  1022. ```sh
  1023. export GDNSDK_Username="..."
  1024. export GDNSDK_Password="..."
  1025. ```
  1026. The username and password will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  1029. Now you can issue a certificate.
  1031. Note: It usually takes a few minutes (usually 3-4 minutes) before the changes propagates to gratisdns.dk nameservers (ns3.gratisdns.dk often are slow),
  1032. and in rare cases I have seen over 5 minutes before google DNS catches it. Therefor a DNS sleep of at least 300 seconds are recommended-
  1034. ```sh
  1035. acme.sh --issue --dns dns_gdnsdk --dnssleep 300 -d example.com -d *.example.com
  1036. ```
  1038. ## 53. Use Namecheap
  1040. You will need your namecheap username, API KEY (https://www.namecheap.com/support/api/intro.aspx) and your external IP address (or an URL to get it), this IP will need to be whitelisted at Namecheap.
  1041. Due to Namecheap's API limitation all the records of your domain will be read and re applied, make sure to have a backup of your records you could apply if any issue would arise.
  1043. ```sh
  1044. export NAMECHEAP_USERNAME="..."
  1045. export NAMECHEAP_API_KEY="..."
  1046. export NAMECHEAP_SOURCEIP="..."
  1047. ```
  1049. NAMECHEAP_SOURCEIP can either be an IP address or an URL to provide it (e.g. https://ifconfig.co/ip).
  1051. The username and password will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  1053. Now you can issue a certificate.
  1055. ```sh
  1056. acme.sh --issue --dns dns_namecheap -d example.com -d *.example.com
  1057. ```
  1059. ## 54. Use MyDNS.JP API
  1061. First, register to MyDNS.JP and get MasterID and Password.
  1063. ```
  1064. export MYDNSJP_MasterID=MasterID
  1065. export MYDNSJP_Password=Password
  1066. ```
  1068. To issue a certificate:
  1070. ```
  1071. acme.sh --issue --dns dns_mydnsjp -d example.com -d www.example.com
  1072. ```
  1073. The `MYDNSJP_MasterID` and `MYDNSJP_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  1075. ## 55. Use hosting.de API
  1077. Create an API key in your hosting.de account here: https://secure.hosting.de
  1079. The key needs the following rights:
  1080. - DNS_ZONES_EDIT
  1081. - DNS_ZONES_LIST
  1083. Set your API Key and endpoint:
  1085. ```
  1086. export HOSTINGDE_APIKEY='xxx'
  1087. export HOSTINGDE_ENDPOINT='https://secure.hosting.de'
  1088. ```
  1090. The plugin can also be used for the http.net API. http.net customers have to set endpoint to https://partner.http.net.
  1092. Ok, let's issue a cert now:
  1093. ```
  1094. acme.sh --issue --dns dns_hostingde -d example.com -d *.example.com
  1095. ```
  1097. The hosting.de API key and endpoint will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  1099. ## 56. Use Neodigit.net API
  1101. ```
  1102. export NEODIGIT_API_TOKEN="eXJxTkdUVUZmcHQ3QWJackQ4ZGlMejRDSklRYmo5VG5zcFFKK2thYnE0WnVnNnMy"
  1103. ```
  1105. Ok, let's issue a cert now:
  1106. ```
  1107. acme.sh --issue --dns dns_neodigit -d example.com -d www.example.com
  1108. ```
  1110. Neodigit API Token will be saved in `~/.acme.sh/account.conf` and will be used when needed.
  1112. ## 57. Use Exoscale API
  1114. Create an API key and secret key in the Exoscale account section
  1116. Set your API and secret key:
  1118. ```
  1119. export EXOSCALE_API_KEY='xxx'
  1120. export EXOSCALE_SECRET_KEY='xxx'
  1121. ```
  1123. Now, let's issue a cert:
  1124. ```
  1125. acme.sh --issue --dns dns_netcup -d example.com -d www.example.com
  1126. ```
  1128. The `EXOSCALE_API_KEY` and `EXOSCALE_SECRET_KEY` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
  1130. # Use custom API
  1132. If your API is not supported yet, you can write your own DNS API.
  1134. Let's assume you want to name it 'myapi':
  1136. 1. Create a bash script named `~/.acme.sh/dns_myapi.sh`,
  1137. 2. In the script you must have a function named `dns_myapi_add()` which will be called by acme.sh to add the DNS records.
  1138. 3. Then you can use your API to issue cert like this:
  1140. ```
  1141. acme.sh --issue --dns dns_myapi -d example.com -d www.example.com
  1142. ```
  1144. For more details, please check our sample script: [dns_myapi.sh](dns_myapi.sh)
  1146. See: https://github.com/Neilpang/acme.sh/wiki/DNS-API-Dev-Guide
  1148. # Use lexicon DNS API
  1150. https://github.com/Neilpang/acme.sh/wiki/How-to-use-lexicon-dns-api