RFC2136
Create verification records using dynamic updates
| Plugin type | DNS validation | |
|---|---|---|
| Download | Version 2.3.0. Look for older releases on GitHub for files named like plugin.validation.dns.rfc2136.v2.x.x.zip | |
| Compatibility | All platforms |
Description
Create the record using dynamic DNS updates as defined in RFC 2136. This requires a DNS server IP (and optional port), a TSIG key consisting of a name and a base64 encoded secret, and an algorithm, which may be any of the following:
- md5
- sha1
- sha224
- sha256
- sha256_128
- sha384
- sha384_192
- sha512
- sha512_256
The plugin need to be unpacked into the folder where you also unpacked
wacs.exe to able to use it. Depending on how you downloaded the file,
you may have to unblock all new .dll files before your computer will trust
them. You can do that from the Windows File Explorer by using the right mouse button
and then checking the `Unblock` box on the General tab.
If you are using simple-acme as a dotnet tool, the folder will be %userprofile%\.dotnet\tools\.store\simple-acme\2.3.0.33\simple-acme\2.3.0.33\tools\net8.0\any
To verify that the plugin is properly installed you can start the main executable
with ‑‑verbose and it will print information about found and loaded plugins at
start up. When the plugin is loaded, it manifests itself as extra menu choices and
command line parameters being made availalbe.
This plugin requires to you use the pluggable release of the main executable. It will not work on the smaller trimmed releases.
Command line
--validation rfc2136 |
Activates the plugin | |
|---|---|---|
‑‑serverhost |
DNS server host/ip | |
‑‑serverport |
DNS server port | |
‑‑tsigkeyname |
TSIG key name | |
‑‑tsigkeysecret |
TSIG key secret (Base64 encoded)
You may pass the secret in plain text, but can also use a reference to the secret vault like |
|
‑‑tsigkeyalgorithm |
TSIG key algorithm |
Examples
| Typical | --validation rfc2136 ‑‑serverhost 10.10.10.10 [‑‑serverport 53] ‑‑tsigkeyname mykey ‑‑tsigkeysecret ***** [‑‑tsigkeyalgorithm md5] |
|---|
JSON
| ID | ed5dc9d1-739c-4f6a-854f-238bf65b63ee |
|---|
Looking for win-acme?
simple-acme is a backwards compatible, drop-in replacement built by the same person. Project history.