certbot dns插件

安装python插件
sudo apt-get install python3-setuptools
sudo easy_install3 pip
sudo pip install certbot-dns-dnspod
根据https://github.com/SkyLothar/certbot-dns-dnspod这个插件的作者提示,需要先创建一个dns鉴权的配置文件.此处需要申请dnspod的密钥。密钥格式为"id,key"的方式,这里一定不能写错。
vim /etc/letsencrypt/dnspod.conf
certbot_dns_dnspod:dns_dnspod_email = "DNSPOD邮箱"
certbot_dns_dnspod:dns_dnspod_api_token = "id,key"

然后新创建通配符域名:
sudo certbot certonly --server https://acme-v02.api.letsencrypt.org/directory -a certbot-dns-dnspod:dns-dnspod --certbot-dns-dnspod:dns-dnspod-credentials /etc/letsencrypt/dnspod.conf -d "zhangyuqing.me" -d "*.zhangyuqing.me"

然后到期后的续期操作:
sudo certbot renew --server https://acme-v02.api.letsencrypt.org/directory -a certbot-dns-dnspod:dns-dnspod --certbot-dns-dnspod:dns-dnspod-credentials /etc/letsencrypt/dnspod.conf

1 )去 DNSPod.cn 申请 api 授权

2 )安装插件:pip install certbot-dns-dnspod

3 )生成插件配置文件,例如保存到文件/etc/cetbot-dns-dnspod-credentials.ini。重点是双引号不可缺,token 的格式是 id 和 token 以逗号分隔

certbot_dns_dnspod:dns_dnspod_email = "DNSPod 账户的 Email"
certbot_dns_dnspod:dns_dnspod_api_token = "api_id,api_token"

4 )配置文件设置权限(只是为了安全,此步可不做):sudo chmod 600 /etc/cetbot-dns-dnspod-credentials.ini

5 )更新证书。xxx.com 需要替换为相关域名。

certbot certonly -a certbot-dns-dnspod:dns-dnspod \
    --certbot-dns-dnspod:dns-dnspod-credentials /etc/cetbot-dns-dnspod-credentials.ini \
    -d xxx.com

你可能感兴趣的:(certbot dns插件)