Updated to use suggested export _H1 env var to supply Authorization Basic credentials. This undocumented support for Basic Authorization, ContentType, etc. needs to be documented in DNSAPI Dev Guide. Removed two stray debugging lines.
Created _get_root() that tests the requested host is a subdomain to the domains hosted on MailinaBox (MIAB) DNS Server. Created common _miab_rest() used with dns_miab_add(), dns_miab_rm() and _get_root(). Also created barbaric _is_json() to test the response given by the MIAB Custom DNS API at least looks like a JSON file. We should add a hint to use _normalizeJson with JSON responses so _startswith, _endswith won't perplexingly fail.
Ok, should have noticed earlier that the calls to the private function _miab_post() never used the _needbase64_ or the __postContentType parameters. Parameters and code to handle them has been factored out.
Know I'm new to contorting to this project. I i've broke conventions please let me know what I've screwed up and I'll set it right as quickly as possible.
Propose this as a new DNS-01 validation script to dynamically add challenge DNS records to MailinaBox (MIAB) DNS. MIAB uses a custom DNS API to manage external DNS records.
The script was originally written by Darven Dissek and can be found in his repository: https://framagit.org/DarvenDissek/acme.sh-MIAB-DNS-API/). This has been forked and some slight cleanup applied and change shebang to UNIx shell. The forked repository can be found here: https://github.com/billgertz/MIAB_dns_api.
Wrote to Darven but received no reply. Support for this script has been submitted to the OPNsense project via this pull request: https://github.com/opnsense/plugins/pull/1531
* first version dns_rcode0.sh
* fixed URLs for ACME calls
* fixed challenge remove
* read & write Token/URL at rm too
* make info messages debug
* typos fixed
* update rrset only if existing challenge is found
* polish error messages and make "detect root zone" scaleable
* fixed formating issues
* code cleanup, remove some unneeded functions
* removed empty lines
* save rcode0 url only if not default
Implements validation using CNAMEs and RFC2138, as described in the
Let's Encrypt documentation.
For instance, if requesting the domain "test.net" with a CNAME from
"_acme-challenge.test.net" to "_acme-challenge.ledomain.net". As per the
spec this is fully supported, but using RFC2138 and nsupdate, acme.sh
did not support this properly, instead trying to add the record to the
original fulldomain unconditionally.
To implement this, this commit adds an additional environment variable,
NSUPDATE_CNAME_ZONE, which would contain the target zone, for instance
in the example above, "ledomain.net". If this variable is set, nsupdate
then adds/removes the _acme-validation TXT record to that zone instead
of the requested zone, as well as printing a helpful message mentioning
that the CNAME must exist for this to succeed.
Previously, the else was assumed to be the one where NSUPDATE_ZONE was
set. Flip this in order to facilitate adding additional nsupdate
configurations.
* support jdcloud.com
* fix format
* ttl 3000
* Escape slashes (#2375)
* Change 1.1.1.1 to 1.0.0.1 to probe compatibility (#2330)
As we can see, 1.1.1.1 is not routed or routed to an Intranet devices due to historical reason. Change 1.1.1.1 to 1.0.0.1 will have a better compatibility. I found this problem on my Tencent Cloud server.
* check empty id
* fix error
* Add dnsapi for Vultr (#2370)
* Add Vultr dns api
* PushOver notifications (#2325)
* PushOver notifications, using AppToken, UserKey, and optional sounds
* fix errors
* added dns api support for hexonet (#1776)
* update
* minor
* support new Cloudflare Token format
fix https://github.com/Neilpang/acme.sh/issues/2398
* fix wildcard domain name
* add more info
* fix https://github.com/Neilpang/acme.sh/issues/2377
* fix format
* fix format
scottkof
neilpang
Rolph Haspers
neil
David Robles
rserpent
Bill Gertz
Vadim Kalinnikov
Peter Dave Hello
Michael Braunoeder
Joshua Boniface
Boot Lee
Kent Varmedal
Phil Porada
David Kerr
Sky Chen
neil
James Qian