Pre and Post Validation Hooks DNS for manual mode of certbot with GoDaddy domains
This repository contains pre- and post-validation hooks to be used with the certbot command in manual mode to certify a GoDaddy domain with the DNS-01 method.
More information is available in the Certbot documentation.
This script is a shell script based on /bin/bash.
It uses the following command-line tools:
- curl
- dig
It depends on several packages:
yum install curl
# dig command depends on bind-utils package
yum install bind-utils
- Download this script to your system
- Replace the shell variables API_KEY and API_SECRET in this script with your own values
- Run certbot in manual mode with these two scripts as arguments:
certbot certonly --manual --preferred-challenges=dns --manual-auth-hook ./authenticator_godaddy.sh --manual-cleanup-hook ./cleanup_godaddy.sh -d $YOUR_DOMAIN
- If certbot returns success, your new certificate will be on your system
If you have any problems, you can run this script separately.
For authenticator_godaddy.sh, you must manually set the following variables:
- CERTBOT_DOMAIN
- CERTBOT_VALIDATION
For example, if your domain is auth.foo.mydomain.com, these variables must be set like this:
# Uncomment these lines only to test this script manually
CERTBOT_DOMAIN="auth.foo.mydomain.com"
CERTBOT_VALIDATION="test_value"
Once the authenticator_godaddy.sh script has finished, your domain must have been updated with a _acme-challenge.auth.foo TXT record with test_value as its value.
However, these lines must be commented out in normal mode because the $CERTBOT_DOMAIN and $CERTBOT_VALIDATION variables are defined by the certbot command.
It is recommended to store credentials separately from the script to avoid a security risk.
By default, these scripts will try to load your credentials from a secrets file at:
/etc/certbot/$CERTBOT_DOMAIN/secrets
A sample secrets file, named secrets.sample, is available to show how it must be formatted.
Similarly, you can change the default path of the secrets file by editing the SECRET_FILE variable.
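One way a hook could read that secrets file, as an added example that is not the repository's own code: it refuses a file that group or other users can access, and it parses the two values instead of sourcing the file, so nothing in the file is executed. The `API_KEY=value` line format and the function names `file_mode` and `load_secrets` are assumptions; follow secrets.sample for the real layout.

```bash
#!/bin/bash
# Added example, not part of the repository's scripts.
# Assumption: the secrets file holds plain API_KEY=... and API_SECRET=... lines.

# Print the permission bits in octal (GNU stat first, BSD/macOS stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Load API_KEY and API_SECRET from the file given as $1 without sourcing it.
# Returns 1 if the file is missing, 2 if group/other have any access,
# 3 if either credential is absent.
load_secrets() {
    local file mode line key value
    file="$1"
    [ -f "$file" ] || return 1
    mode="$(file_mode "$file")" || return 1
    # The last two octal digits are the group and other bits; both must be 0.
    case "$mode" in
        *00|0) ;;
        *) return 2 ;;
    esac
    API_KEY=""
    API_SECRET=""
    # The "|| [ -n ... ]" part keeps a final line that has no trailing newline.
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            *=*) ;;
            *) continue ;;               # not an assignment: ignore
        esac
        key=${line%%=*}                  # text before the first '='
        value=${line#*=}                 # everything after it, later '=' included
        value=${value%\"}                # strip optional surrounding double quotes
        value=${value#\"}
        case "$key" in
            API_KEY)    API_KEY="$value" ;;
            API_SECRET) API_SECRET="$value" ;;
        esac                             # any other key is ignored, never executed
    done < "$file"
    [ -n "$API_KEY" ] && [ -n "$API_SECRET" ] || return 3
}
```

In a hook this would be called as `load_secrets "$SECRET_FILE" || exit 1` before any request is sent, with the secrets file set to mode 600.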
- macSierra
- CentOS 7