diff --git a/README.md b/README.md
index 70abcc6c..90a648d5 100644
--- a/README.md
+++ b/README.md
@@ -350,6 +350,7 @@ You don't have to do anything manually!
1. Exoscale.com API (https://www.exoscale.com/)
1. PointDNS API (https://pointhq.com/)
1. Active24.cz API (https://www.active24.cz/)
+1. do.de API (https://www.do.de/)
And:
diff --git a/acme.sh b/acme.sh
index d651c4f5..cfdf5714 100755
--- a/acme.sh
+++ b/acme.sh
@@ -1,6 +1,6 @@
#!/usr/bin/env sh
-VER=2.8.0
+VER=2.8.1
PROJECT_NAME="acme.sh"
@@ -35,7 +35,6 @@ _OLD_STAGE_CA_HOST="https://acme-staging.api.letsencrypt.org"
VTYPE_HTTP="http-01"
VTYPE_DNS="dns-01"
-VTYPE_TLS="tls-sni-01"
VTYPE_ALPN="tls-alpn-01"
LOCAL_ANY_ADDRESS="0.0.0.0"
@@ -46,7 +45,6 @@ DEFAULT_DNS_SLEEP=120
NO_VALUE="no"
-W_TLS="tls"
W_DNS="dns"
W_ALPN="alpn"
DNS_ALIAS_PREFIX="="
@@ -3080,8 +3078,8 @@ _on_before_issue() {
_savedomainconf "Le_HTTPPort" "$Le_HTTPPort"
fi
_checkport="$Le_HTTPPort"
- elif [ "$_currentRoot" = "$W_TLS" ] || [ "$_currentRoot" = "$W_ALPN" ]; then
- _info "Standalone tls/alpn mode."
+ elif [ "$_currentRoot" = "$W_ALPN" ]; then
+ _info "Standalone alpn mode."
if [ -z "$Le_TLSPort" ]; then
Le_TLSPort=443
else
@@ -3701,10 +3699,6 @@ $_authorizations_map"
vtype="$VTYPE_DNS"
fi
- if [ "$_currentRoot" = "$W_TLS" ]; then
- vtype="$VTYPE_TLS"
- fi
-
if [ "$_currentRoot" = "$W_ALPN" ]; then
vtype="$VTYPE_ALPN"
fi
@@ -3988,40 +3982,6 @@ $_authorizations_map"
fi
fi
-
- elif [ "$vtype" = "$VTYPE_TLS" ]; then
- #create A
- #_hash_A="$(printf "%s" $token | _digest "sha256" "hex" )"
- #_debug2 _hash_A "$_hash_A"
- #_x="$(echo $_hash_A | cut -c 1-32)"
- #_debug2 _x "$_x"
- #_y="$(echo $_hash_A | cut -c 33-64)"
- #_debug2 _y "$_y"
- #_SAN_A="$_x.$_y.token.acme.invalid"
- #_debug2 _SAN_A "$_SAN_A"
-
- #create B
- _hash_B="$(printf "%s" "$keyauthorization" | _digest "sha256" "hex")"
- _debug2 _hash_B "$_hash_B"
- _x="$(echo "$_hash_B" | cut -c 1-32)"
- _debug2 _x "$_x"
- _y="$(echo "$_hash_B" | cut -c 33-64)"
- _debug2 _y "$_y"
-
- #_SAN_B="$_x.$_y.ka.acme.invalid"
-
- _SAN_B="$_x.$_y.acme.invalid"
- _debug2 _SAN_B "$_SAN_B"
-
- _ncaddr="$(_getfield "$_local_addr" "$_ncIndex")"
- _ncIndex="$(_math "$_ncIndex" + 1)"
- if ! _starttlsserver "$_SAN_B" "$_SAN_A" "$Le_TLSPort" "$keyauthorization" "$_ncaddr"; then
- _err "Start tls server error."
- _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
- _clearup
- _on_issue_err "$_post_hook" "$vlist"
- return 1
- fi
elif [ "$vtype" = "$VTYPE_ALPN" ]; then
acmevalidationv1="$(printf "%s" "$keyauthorization" | _digest "sha256" "hex")"
_debug acmevalidationv1 "$acmevalidationv1"
diff --git a/dnsapi/README.md b/dnsapi/README.md
index 0a9c4925..4f9b4100 100644
--- a/dnsapi/README.md
+++ b/dnsapi/README.md
@@ -1156,6 +1156,21 @@ acme.sh --issue --dns dns_active24 -d example.com -d www.example.com --dnssleep
The `ACTIVE24_Token` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
+## 60. Use do.de API
+
+Create an API token in your do.de account.
+
+Set your API token:
+```
+export DO_LETOKEN='FmD408PdqT1E269gUK57'
+```
+
+To issue a certificate run:
+```
+acme.sh --issue --dns dns_doapi -d example.com -d *.example.com
+```
+
+The API token will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
# Use custom API
diff --git a/dnsapi/dns_doapi.sh b/dnsapi/dns_doapi.sh
new file mode 100755
index 00000000..135f0b03
--- /dev/null
+++ b/dnsapi/dns_doapi.sh
@@ -0,0 +1,59 @@
+#!/usr/bin/env sh
+
+# Official Let's Encrypt API for do.de / Domain-Offensive
+#
+# This is different from the dns_do adapter, because dns_do is only usable for enterprise customers
+# This API is also available to private customers/individuals
+#
+# Provide the required LetsEncrypt token like this:
+# DO_LETOKEN="FmD408PdqT1E269gUK57"
+
+DO_API="https://www.do.de/api/letsencrypt"
+
+######## Public functions #####################
+
+#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
+dns_doapi_add() {
+ fulldomain=$1
+ txtvalue=$2
+
+ DO_LETOKEN="${DO_LETOKEN:-$(_readaccountconf_mutable DO_LETOKEN)}"
+ if [ -z "$DO_LETOKEN" ]; then
+ DO_LETOKEN=""
+ _err "You didn't configure a do.de API token yet."
+ _err "Please set DO_LETOKEN and try again."
+ return 1
+ fi
+ _saveaccountconf_mutable DO_LETOKEN "$DO_LETOKEN"
+
+ _info "Adding TXT record to ${fulldomain}"
+ response="$(_get "$DO_API?token=$DO_LETOKEN&domain=${fulldomain}&value=${txtvalue}")"
+ if _contains "${response}" 'success'; then
+ return 0
+ fi
+ _err "Could not create resource record, check logs"
+ _err "${response}"
+ return 1
+}
+
+dns_doapi_rm() {
+ fulldomain=$1
+
+ DO_LETOKEN="${DO_LETOKEN:-$(_readaccountconf_mutable DO_LETOKEN)}"
+ if [ -z "$DO_LETOKEN" ]; then
+ DO_LETOKEN=""
+ _err "You didn't configure a do.de API token yet."
+ _err "Please set DO_LETOKEN and try again."
+ return 1
+ fi
+ _saveaccountconf_mutable DO_LETOKEN "$DO_LETOKEN"
+
+ _info "Deleting resource record $fulldomain"
+ response="$(_get "$DO_API?token=$DO_LETOKEN&domain=${fulldomain}&action=delete")"
+ if _contains "${response}" 'success'; then
+ return 0
+ fi
+ _err "Could not delete resource record, check logs"
+ _err "${response}"
+ return 1
+}
diff --git a/dnsapi/dns_namecheap.sh b/dnsapi/dns_namecheap.sh
index 2f401bd9..fbf93c32 100755
--- a/dnsapi/dns_namecheap.sh
+++ b/dnsapi/dns_namecheap.sh
@@ -3,16 +3,15 @@
# Namecheap API
# https://www.namecheap.com/support/api/intro.aspx
#
-# Requires Namecheap API key set in NAMECHEAP_API_KEY, NAMECHEAP_SOURCEIP and NAMECHEAP_USERNAME set as environment variable
+# Requires Namecheap API key set in
+#NAMECHEAP_API_KEY,
+#NAMECHEAP_USERNAME,
+#NAMECHEAP_SOURCEIP
# Due to Namecheap's API limitation all the records of your domain will be read and re applied, make sure to have a backup of your records you could apply if any issue would arise.
######## Public functions #####################
-if [ "$STAGE" -eq 1 ]; then
- NAMECHEAP_API="https://api.sandbox.namecheap.com/xml.response"
-else
- NAMECHEAP_API="https://api.namecheap.com/xml.response"
-fi
+NAMECHEAP_API="https://api.namecheap.com/xml.response"
#Usage: dns_namecheap_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
dns_namecheap_add() {
@@ -144,7 +143,7 @@ _namecheap_set_publicip() {
_namecheap_post() {
command=$1
data="ApiUser=${NAMECHEAP_USERNAME}&ApiKey=${NAMECHEAP_API_KEY}&ClientIp=${_publicip}&UserName=${NAMECHEAP_USERNAME}&Command=${command}"
-
+ _debug2 "_namecheap_post data" "$data"
response="$(_post "$data" "$NAMECHEAP_API" "" "POST")"
_debug2 response "$response"
@@ -224,6 +223,12 @@ _set_namecheap_TXT() {
while read -r host; do
if _contains "$host" "<host"; then
_namecheap_parse_host "$host"
+ _debug2 _hostname "_hostname"
+ _debug2 _hosttype "_hosttype"
+ _debug2 _hostaddress "_hostaddress"
+ _debug2 _hostmxpref "_hostmxpref"
+ _hostaddress="$(printf "%s" "$_hostaddress" | _url_encode)"
+ _debug2 "encoded _hostaddress" "_hostaddress"
_namecheap_add_host "$_hostname" "$_hosttype" "$_hostaddress" "$_hostmxpref" "$_hostttl"
fi
done <<EOT
@@ -278,6 +283,7 @@ _del_namecheap_TXT() {
_debug "TXT entry found"
found=1
else
+ _hostaddress="$(printf "%s" "$_hostaddress" | _url_encode)"
_namecheap_add_host "$_hostname" "$_hosttype" "$_hostaddress" "$_hostmxpref" "$_hostttl"
fi
fi