* Add dns provider duckdns see http://www.duckdns.org/spec.jsp for more info
* Add DNS challenge provider 'exec' (#508)
As discussed in #505, this commits adds a very simple DNS provider which
calls out to an external program which must then add or remove the DNS
record.
* Update duckdns to support caddy, and cleanup some comments
As discussed in #505, this commits adds a very simple DNS provider which
calls out to an external program which must then add or remove the DNS
record.
If Dyn responds with a 3xx or 4xx status code, information describing exactly
what went wrong is generally included in the body of the response (as part of
the typical Dyn JSON response). On the other hand, if Dyn responds with a 5xx
status code, we very likely have extremely limited information.
This commit modifies the reporting to display the explanatory messages included
in the body of the Dyn response for 3xx and 4xx status codes. The intent is to
make it much easier to determine what might be going wrong (when something is
going wrong).
* Add otc provider.
* Added tests for provider otc.
* Format dns_providers
* fix getZoneId
* Add for tests for provider otc.
* Add proxy to transport in otc provider.
* Use DefaultTransport in otc provider.
* Make loginRequest private in provider otc.
* better error handling in provider otc.
* add more tests for provider otc.
* dns/route53: Allow specifying hosted zone ID
This commit adds support for specifying hosted zone ID via the
environment variable AWS_HOSTED_ZONE_ID. If this is not specified, the
previous discovery process is used.
This is useful in environments where multiple hosted zones for the same
domain name are present in an account.
* dns/route53: Fix up getHostedZoneID method params
Now that getHostedZoneID is a method on the DNSProvider struct, there is
no reason for it to take the Route53 client as a parameter - we can
simply use the reference stored in the struct.
When record already exists in gcloud we can't add a new record without removing the other one first. This is a simple fix that doesn't attempt to create multiple entries for the record but just removes the previous data.
fixes#218
Introduces a new command line switch `--must-staple` to `run` and `renew`.
Using this switch will add the must staple TLS extension to the CSR generated by lego and thus also to the generated certificate.
This does not work with user specified CSRs!
Fixes#270
* Add NS1 DNS provider.
Integrates Lego with NS1 using their rest API.
It uses NS1's official Go package as client:
https://github.com/ns1/ns1-go
Signed-off-by: David Calavera <david.calavera@gmail.com>
* Add NS1 to the cli handlers.
Signed-off-by: David Calavera <david.calavera@gmail.com>
Fixes#257
Previously the google cloud provider assumed the domain being provided
was also the authoritative zone. This fix uses an acme function to
recursively lookup the authoritative zone for a provided domain.
While more than likely never to come up in a real-world situation,
during renewal integration testing a value of 120 seconds has
proven to be too high (the old challenge record has not expired
by the time the new one is created).