The `acme.NewClient` function's `caDirURL` argument is expected to be
the full path to the ACME server's directory endpoint. In the README
example of using Lego programmatically against a Boulder instance only
the hostname & port are provided but not the directory path:
`"http://192.168.99.100:4000"`
This produces an error like:
```
2018/01/15 14:34:06 get directory at 'http://192.168.99.100:4000': invalid
character '<' looking for beginning of value
```
When used verbatim with a Boulder container since the `/directory` is
missing and "What is an ACME server" HTML index page is returned.
This commit updates the example to use:
`"http://192.168.99.100:4000/directory"`
Which allows the example code to work with Boulder as-intended.
Fully backwards compatible in terms of credential mechanisms
(environment variables, shared credentials file, EC2 metadata). If a
custom AWS IAM policy is in use it needs to be updated with permissions
for the route53:ListHostedZonesByName action.
This commit adds support for Dyn, specifically Dyn Managed DNS. Makes
use of the Dyn REST API [1] and requires 3 environment variables for
credentails:
DYN_CUSTOMER_NAME
DYN_USER_NAME
DYN_PASSWORD
The Dyn DNS API requires a session to be established first using the
credentials above, After creating a session an api token is used for
subsequent requests.
The unit test performs a "live test" and currently requires a valid Dyn
account and domain.
[1] https://help.dyn.com/rest/
- Removal of RFC2136_ZONE from help text
- Query nameserver directly to find zone we have to update
- During insert, make sure the new record is the ONLY challence.
(I had a few panics, hence 3 challences left. Not good.)
When using this option, the challenge will be written in a file in
".well-known/acme-challenge/" inside the given webroot folder.
This allows lego to work without binding any port at all.
`Sid` is optional and can be omitted for brevity.
Both `route53:ListHostedZones` and `route53:GetChange` are allowed for
`*`, so they can be combined into a single statement.
Actions can be combined onto the same line, since it's equivalent JSON.
