Cloudflare DNS Authenticator plugin for Certbot with support for CNAME aliasing.
It supports DNS-01 challenge with CNAME aliasing described here.
It is based on official Certbot Cloudflare plugin (documentation).
snap install certbot-dns-cloudflare-cname
snap set certbot trust-plugin-with-root=ok
snap connect certbot:plugin certbot-dns-cloudflare-cname
snap connect certbot-dns-cloudflare-cname:certbot-metadata certbot:certbot-metadatapip install certbot-dns-cloudflare-cnameExample credentials file using restricted API Token (recommended):
# Cloudflare API token used by Certbot
dns_cloudflare_cname_api_token = 0123456789abcdef0123456789abcdef01234567
Example credentials file using Global API Key (not recommended):
# Cloudflare API credentials used by Certbot
dns_cloudflare_cname_email = [email protected]
dns_cloudflare_cname_api_key = 0123456789abcdef0123456789abcdef01234
| Argument | Description |
|---|---|
| --dns-cloudflare-cname-credentials | Cloudflare (See Configuration) INI file. (Required) |
| --dns-cloudflare-cname-follow-cnames | If true, authenticator will try to resolve validation name. (Default: true) |
| --dns-cloudflare-cname-propagation-seconds | The number of seconds to wait for DNS to propagate before asking the ACME server to verify the DNS record. (Default: 10) |
certbot certonly --dry-run -a dns-cloudflare-cname --dns-cloudflare-cname-credentials /var/cloudflare.ini -d subdomain.example.com