mirror of
https://github.com/plantroon/acme.sh.git
synced 2024-12-22 21:21:42 +00:00
commit
9dac02ba5d
@ -350,6 +350,7 @@ You don't have to do anything manually!
|
|||||||
1. Exoscale.com API (https://www.exoscale.com/)
|
1. Exoscale.com API (https://www.exoscale.com/)
|
||||||
1. PointDNS API (https://pointhq.com/)
|
1. PointDNS API (https://pointhq.com/)
|
||||||
1. Active24.cz API (https://www.active24.cz/)
|
1. Active24.cz API (https://www.active24.cz/)
|
||||||
|
1. do.de API (https://www.do.de/)
|
||||||
|
|
||||||
And:
|
And:
|
||||||
|
|
||||||
|
46
acme.sh
46
acme.sh
@ -1,6 +1,6 @@
|
|||||||
#!/usr/bin/env sh
|
#!/usr/bin/env sh
|
||||||
|
|
||||||
VER=2.8.0
|
VER=2.8.1
|
||||||
|
|
||||||
PROJECT_NAME="acme.sh"
|
PROJECT_NAME="acme.sh"
|
||||||
|
|
||||||
@ -35,7 +35,6 @@ _OLD_STAGE_CA_HOST="https://acme-staging.api.letsencrypt.org"
|
|||||||
|
|
||||||
VTYPE_HTTP="http-01"
|
VTYPE_HTTP="http-01"
|
||||||
VTYPE_DNS="dns-01"
|
VTYPE_DNS="dns-01"
|
||||||
VTYPE_TLS="tls-sni-01"
|
|
||||||
VTYPE_ALPN="tls-alpn-01"
|
VTYPE_ALPN="tls-alpn-01"
|
||||||
|
|
||||||
LOCAL_ANY_ADDRESS="0.0.0.0"
|
LOCAL_ANY_ADDRESS="0.0.0.0"
|
||||||
@ -46,7 +45,6 @@ DEFAULT_DNS_SLEEP=120
|
|||||||
|
|
||||||
NO_VALUE="no"
|
NO_VALUE="no"
|
||||||
|
|
||||||
W_TLS="tls"
|
|
||||||
W_DNS="dns"
|
W_DNS="dns"
|
||||||
W_ALPN="alpn"
|
W_ALPN="alpn"
|
||||||
DNS_ALIAS_PREFIX="="
|
DNS_ALIAS_PREFIX="="
|
||||||
@ -3080,8 +3078,8 @@ _on_before_issue() {
|
|||||||
_savedomainconf "Le_HTTPPort" "$Le_HTTPPort"
|
_savedomainconf "Le_HTTPPort" "$Le_HTTPPort"
|
||||||
fi
|
fi
|
||||||
_checkport="$Le_HTTPPort"
|
_checkport="$Le_HTTPPort"
|
||||||
elif [ "$_currentRoot" = "$W_TLS" ] || [ "$_currentRoot" = "$W_ALPN" ]; then
|
elif [ "$_currentRoot" = "$W_ALPN" ]; then
|
||||||
_info "Standalone tls/alpn mode."
|
_info "Standalone alpn mode."
|
||||||
if [ -z "$Le_TLSPort" ]; then
|
if [ -z "$Le_TLSPort" ]; then
|
||||||
Le_TLSPort=443
|
Le_TLSPort=443
|
||||||
else
|
else
|
||||||
@ -3701,10 +3699,6 @@ $_authorizations_map"
|
|||||||
vtype="$VTYPE_DNS"
|
vtype="$VTYPE_DNS"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$_currentRoot" = "$W_TLS" ]; then
|
|
||||||
vtype="$VTYPE_TLS"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ "$_currentRoot" = "$W_ALPN" ]; then
|
if [ "$_currentRoot" = "$W_ALPN" ]; then
|
||||||
vtype="$VTYPE_ALPN"
|
vtype="$VTYPE_ALPN"
|
||||||
fi
|
fi
|
||||||
@ -3988,40 +3982,6 @@ $_authorizations_map"
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
elif [ "$vtype" = "$VTYPE_TLS" ]; then
|
|
||||||
#create A
|
|
||||||
#_hash_A="$(printf "%s" $token | _digest "sha256" "hex" )"
|
|
||||||
#_debug2 _hash_A "$_hash_A"
|
|
||||||
#_x="$(echo $_hash_A | cut -c 1-32)"
|
|
||||||
#_debug2 _x "$_x"
|
|
||||||
#_y="$(echo $_hash_A | cut -c 33-64)"
|
|
||||||
#_debug2 _y "$_y"
|
|
||||||
#_SAN_A="$_x.$_y.token.acme.invalid"
|
|
||||||
#_debug2 _SAN_A "$_SAN_A"
|
|
||||||
|
|
||||||
#create B
|
|
||||||
_hash_B="$(printf "%s" "$keyauthorization" | _digest "sha256" "hex")"
|
|
||||||
_debug2 _hash_B "$_hash_B"
|
|
||||||
_x="$(echo "$_hash_B" | cut -c 1-32)"
|
|
||||||
_debug2 _x "$_x"
|
|
||||||
_y="$(echo "$_hash_B" | cut -c 33-64)"
|
|
||||||
_debug2 _y "$_y"
|
|
||||||
|
|
||||||
#_SAN_B="$_x.$_y.ka.acme.invalid"
|
|
||||||
|
|
||||||
_SAN_B="$_x.$_y.acme.invalid"
|
|
||||||
_debug2 _SAN_B "$_SAN_B"
|
|
||||||
|
|
||||||
_ncaddr="$(_getfield "$_local_addr" "$_ncIndex")"
|
|
||||||
_ncIndex="$(_math "$_ncIndex" + 1)"
|
|
||||||
if ! _starttlsserver "$_SAN_B" "$_SAN_A" "$Le_TLSPort" "$keyauthorization" "$_ncaddr"; then
|
|
||||||
_err "Start tls server error."
|
|
||||||
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
|
||||||
_clearup
|
|
||||||
_on_issue_err "$_post_hook" "$vlist"
|
|
||||||
return 1
|
|
||||||
fi
|
|
||||||
elif [ "$vtype" = "$VTYPE_ALPN" ]; then
|
elif [ "$vtype" = "$VTYPE_ALPN" ]; then
|
||||||
acmevalidationv1="$(printf "%s" "$keyauthorization" | _digest "sha256" "hex")"
|
acmevalidationv1="$(printf "%s" "$keyauthorization" | _digest "sha256" "hex")"
|
||||||
_debug acmevalidationv1 "$acmevalidationv1"
|
_debug acmevalidationv1 "$acmevalidationv1"
|
||||||
|
@ -1156,6 +1156,21 @@ acme.sh --issue --dns dns_active24 -d example.com -d www.example.com --dnssleep
|
|||||||
|
|
||||||
The `ACTIVE24_Token` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
|
The `ACTIVE24_Token` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
|
||||||
|
|
||||||
|
## 60. Use do.de API
|
||||||
|
|
||||||
|
Create an API token in your do.de account.
|
||||||
|
|
||||||
|
Set your API token:
|
||||||
|
```
|
||||||
|
export DO_LETOKEN='FmD408PdqT1E269gUK57'
|
||||||
|
```
|
||||||
|
|
||||||
|
To issue a certificate run:
|
||||||
|
```
|
||||||
|
acme.sh --issue --dns dns_doapi -d example.com -d *.example.com
|
||||||
|
```
|
||||||
|
|
||||||
|
The API token will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
|
||||||
|
|
||||||
# Use custom API
|
# Use custom API
|
||||||
|
|
||||||
|
59
dnsapi/dns_doapi.sh
Executable file
59
dnsapi/dns_doapi.sh
Executable file
@ -0,0 +1,59 @@
|
|||||||
|
#!/usr/bin/env sh
|
||||||
|
|
||||||
|
# Official Let's Encrypt API for do.de / Domain-Offensive
|
||||||
|
#
|
||||||
|
# This is different from the dns_do adapter, because dns_do is only usable for enterprise customers
|
||||||
|
# This API is also available to private customers/individuals
|
||||||
|
#
|
||||||
|
# Provide the required LetsEncrypt token like this:
|
||||||
|
# DO_LETOKEN="FmD408PdqT1E269gUK57"
|
||||||
|
|
||||||
|
DO_API="https://www.do.de/api/letsencrypt"
|
||||||
|
|
||||||
|
######## Public functions #####################
|
||||||
|
|
||||||
|
#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
||||||
|
dns_doapi_add() {
|
||||||
|
fulldomain=$1
|
||||||
|
txtvalue=$2
|
||||||
|
|
||||||
|
DO_LETOKEN="${DO_LETOKEN:-$(_readaccountconf_mutable DO_LETOKEN)}"
|
||||||
|
if [ -z "$DO_LETOKEN" ]; then
|
||||||
|
DO_LETOKEN=""
|
||||||
|
_err "You didn't configure a do.de API token yet."
|
||||||
|
_err "Please set DO_LETOKEN and try again."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_saveaccountconf_mutable DO_LETOKEN "$DO_LETOKEN"
|
||||||
|
|
||||||
|
_info "Adding TXT record to ${fulldomain}"
|
||||||
|
response="$(_get "$DO_API?token=$DO_LETOKEN&domain=${fulldomain}&value=${txtvalue}")"
|
||||||
|
if _contains "${response}" 'success'; then
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
_err "Could not create resource record, check logs"
|
||||||
|
_err "${response}"
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
|
dns_doapi_rm() {
|
||||||
|
fulldomain=$1
|
||||||
|
|
||||||
|
DO_LETOKEN="${DO_LETOKEN:-$(_readaccountconf_mutable DO_LETOKEN)}"
|
||||||
|
if [ -z "$DO_LETOKEN" ]; then
|
||||||
|
DO_LETOKEN=""
|
||||||
|
_err "You didn't configure a do.de API token yet."
|
||||||
|
_err "Please set DO_LETOKEN and try again."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_saveaccountconf_mutable DO_LETOKEN "$DO_LETOKEN"
|
||||||
|
|
||||||
|
_info "Deleting resource record $fulldomain"
|
||||||
|
response="$(_get "$DO_API?token=$DO_LETOKEN&domain=${fulldomain}&action=delete")"
|
||||||
|
if _contains "${response}" 'success'; then
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
_err "Could not delete resource record, check logs"
|
||||||
|
_err "${response}"
|
||||||
|
return 1
|
||||||
|
}
|
@ -3,16 +3,15 @@
|
|||||||
# Namecheap API
|
# Namecheap API
|
||||||
# https://www.namecheap.com/support/api/intro.aspx
|
# https://www.namecheap.com/support/api/intro.aspx
|
||||||
#
|
#
|
||||||
# Requires Namecheap API key set in NAMECHEAP_API_KEY, NAMECHEAP_SOURCEIP and NAMECHEAP_USERNAME set as environment variable
|
# Requires Namecheap API key set in
|
||||||
|
#NAMECHEAP_API_KEY,
|
||||||
|
#NAMECHEAP_USERNAME,
|
||||||
|
#NAMECHEAP_SOURCEIP
|
||||||
# Due to Namecheap's API limitation all the records of your domain will be read and re applied, make sure to have a backup of your records you could apply if any issue would arise.
|
# Due to Namecheap's API limitation all the records of your domain will be read and re applied, make sure to have a backup of your records you could apply if any issue would arise.
|
||||||
|
|
||||||
######## Public functions #####################
|
######## Public functions #####################
|
||||||
|
|
||||||
if [ "$STAGE" -eq 1 ]; then
|
NAMECHEAP_API="https://api.namecheap.com/xml.response"
|
||||||
NAMECHEAP_API="https://api.sandbox.namecheap.com/xml.response"
|
|
||||||
else
|
|
||||||
NAMECHEAP_API="https://api.namecheap.com/xml.response"
|
|
||||||
fi
|
|
||||||
|
|
||||||
#Usage: dns_namecheap_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
#Usage: dns_namecheap_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
||||||
dns_namecheap_add() {
|
dns_namecheap_add() {
|
||||||
@ -144,7 +143,7 @@ _namecheap_set_publicip() {
|
|||||||
_namecheap_post() {
|
_namecheap_post() {
|
||||||
command=$1
|
command=$1
|
||||||
data="ApiUser=${NAMECHEAP_USERNAME}&ApiKey=${NAMECHEAP_API_KEY}&ClientIp=${_publicip}&UserName=${NAMECHEAP_USERNAME}&Command=${command}"
|
data="ApiUser=${NAMECHEAP_USERNAME}&ApiKey=${NAMECHEAP_API_KEY}&ClientIp=${_publicip}&UserName=${NAMECHEAP_USERNAME}&Command=${command}"
|
||||||
|
_debug2 "_namecheap_post data" "$data"
|
||||||
response="$(_post "$data" "$NAMECHEAP_API" "" "POST")"
|
response="$(_post "$data" "$NAMECHEAP_API" "" "POST")"
|
||||||
_debug2 response "$response"
|
_debug2 response "$response"
|
||||||
|
|
||||||
@ -224,6 +223,12 @@ _set_namecheap_TXT() {
|
|||||||
while read -r host; do
|
while read -r host; do
|
||||||
if _contains "$host" "<host"; then
|
if _contains "$host" "<host"; then
|
||||||
_namecheap_parse_host "$host"
|
_namecheap_parse_host "$host"
|
||||||
|
_debug2 _hostname "_hostname"
|
||||||
|
_debug2 _hosttype "_hosttype"
|
||||||
|
_debug2 _hostaddress "_hostaddress"
|
||||||
|
_debug2 _hostmxpref "_hostmxpref"
|
||||||
|
_hostaddress="$(printf "%s" "$_hostaddress" | _url_encode)"
|
||||||
|
_debug2 "encoded _hostaddress" "_hostaddress"
|
||||||
_namecheap_add_host "$_hostname" "$_hosttype" "$_hostaddress" "$_hostmxpref" "$_hostttl"
|
_namecheap_add_host "$_hostname" "$_hosttype" "$_hostaddress" "$_hostmxpref" "$_hostttl"
|
||||||
fi
|
fi
|
||||||
done <<EOT
|
done <<EOT
|
||||||
@ -278,6 +283,7 @@ _del_namecheap_TXT() {
|
|||||||
_debug "TXT entry found"
|
_debug "TXT entry found"
|
||||||
found=1
|
found=1
|
||||||
else
|
else
|
||||||
|
_hostaddress="$(printf "%s" "$_hostaddress" | _url_encode)"
|
||||||
_namecheap_add_host "$_hostname" "$_hosttype" "$_hostaddress" "$_hostmxpref" "$_hostttl"
|
_namecheap_add_host "$_hostname" "$_hosttype" "$_hostaddress" "$_hostmxpref" "$_hostttl"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
Loading…
Reference in New Issue
Block a user