OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 20.7 Legacy Series »
  • [SOLVED] [acme-client] Can not find dns api hook for: dns_hetzner
« previous next »
  • Print
Pages: [1]

Author Topic: [SOLVED] [acme-client] Can not find dns api hook for: dns_hetzner  (Read 7521 times)

puldi

  • Newbie
  • *
  • Posts: 32
  • Karma: 2
    • View Profile
[SOLVED] [acme-client] Can not find dns api hook for: dns_hetzner
« on: August 06, 2020, 01:57:55 pm »
Hi,
trying to create a wildcard certificate for some of our domains I'm catching this error in current acme-client package:
"Can not find dns api hook for: dns_hetzner"
Our Domains are hosted by Hetzner (a german ISP) and they released a new DNS API about two months ago. I know that acme.sh, the underlying script of this package, knows about this API very well. But for some reason, the version shipped with OPNsense doesn't.
Version is:
os-acme-client: 1.34

Before upgrading to 20.7 today, I also tried to fetch a certificate with latest 20.1 release. But no difference.

I found this thread, regarding the same topic: https://forum.opnsense.org/index.php?topic=15655.msg71634#msg71634
But reverting to version from 19.7.10_1 wouldn't help me in any way, as in 2019 there was no new Hetzner DNS API.

Does anyone have a glue what I could do to enable wildcard certificates with Let's Encrypt and Hetzner DNS?

Edit:
In some way the framework does know about the Hetzner DNS API, because I can select it as validation method. But when the script actually runs it throws this error and expects the respective DNS entries to be added manually.
« Last Edit: August 06, 2020, 03:58:21 pm by puldi »
Logged

puldi

  • Newbie
  • *
  • Posts: 32
  • Karma: 2
    • View Profile
Re: [acme-client] Can not find dns api hook for: dns_hetzner
« Reply #1 on: August 06, 2020, 03:57:48 pm »
I solved it!

Script Version in the package is 2.8.6, which dates from May, 4th. At this time there was no Hetzner DNS API, therefore no support for this API. Sadly, this is the latest release version of the script.

I solved it this way:
Logged in to the console and ran
Code: [Select]
acme.sh --upgradeThis installed me a current master version from github in /root/.acme.sh/. I then just copied the folder /root/.acme.sh/dnsapi/ to /var/db/acme/.acme.sh/dnsapi:
Code: [Select]
cp -pv /root/.acme.sh/dnsapi/* /var/db/acme/.acme.sh/dnsapi/In my case this was enough to make the plugin work with Hetzner DNS API.
I guess one could also just copy one of the scripts from master branch to the folder.
Hopefully, there will be an official release of acme.sh soon and also an updated plugin package for OPNsense.
Logged

szurubooru

  • Newbie
  • *
  • Posts: 11
  • Karma: 0
    • View Profile
Re: [SOLVED] [acme-client] Can not find dns api hook for: dns_hetzner
« Reply #2 on: September 07, 2020, 04:37:05 am »
Thank you soo much  :-*
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 20.7 Legacy Series »
  • [SOLVED] [acme-client] Can not find dns api hook for: dns_hetzner
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2