This allows automatic completion of Certbot's DNS01 challenge for domains managed on Loopia DNS.
$ sudo pip install certbot-dns-loopia
Note that you should normally install this as root
, unless you know
what you are doing.
The plugin requires the following permissions enabled for your Loopia API user:
addZoneRecord
getZoneRecords
removeSubdomain
removeZoneRecord
An INI file with user
and password
for your Loopia API user needs to be created. user
normally has the format user@loopiaapi
.
The credentials file must have the following format:
dns_loopia_user = user@loopiaapi
dns_loopia_password = passwordgoeshere
For safety reasons the file must not be world readable. You can solve this by running:
$ chmod 600 credentials.ini
When using certbot
with certbot-dns-loopia
, aside from the usual parameters accepted by certbot
, the following
parameters may be used:
Parameter | Required? | Default | Description |
---|---|---|---|
--dns-loopia-credentials <path> |
✔️️ | - | The path of the INI file containing your Loopia API user credentials |
--dns-loopia-propagation-seconds <seconds> |
900 | Determines how many seconds to wait before contacting the ACME server after adding the zone record to Loopia DNS |
To obtain a certificate for domain.com
, run certbot
using:
$ sudo certbot certonly \
--authenticator dns-loopia \
--dns-loopia-credentials credentials.ini \
-d domain.com
To obtain a wildcard certificate for all subdomains of domain.com
:
$ sudo certbot certonly \
--authenticator dns-loopia \
--dns-loopia-credentials credentials.ini \
-d *.domain.com
To obtain a certificate valid for multiple domains using SAN,
in this example for foo.com
and bar.com
:
$ sudo certbot certonly \
--authenticator dns-loopia \
--dns-loopia-credentials credentials.ini \
-d foo.com \
-d bar.com
-
Due to caching on Loopia's side it can take up to 15 minutes before changes propagate. Therefore, the plugin will wait 15 minutes before contacting the ACME server.
It has been known to work with as little as 90 seconds and sometimes less. If you want to try something other than 15 minutes, use
--dns-loopia-propagation-seconds 90
for 90 seconds or however many seconds you want.
How to set up a dev environment, test and publish new versions of the project is described on the DEVELOP page.
This plugin is neither affiliated with nor endorsed by Loopia AB.