阿里云自动签发证书(插件)

https://github.com/tengattack/certbot-dns-aliyun

pip install certbot-dns-aliyun

cat credentials.ini
cat  >aliyun_credentials.ini<<EOL
dns_aliyun_access_key = xxxxxxxxxxxxxxx
dns_aliyun_access_key_secret = xxxxxxxx
EOL

#签发证书
certbot certonly  --authenticator=dns-aliyun  --dns-aliyun-credentials=aliyun_credentials.ini   -d "*.xx.cn,xx.cn"

#证书续期(未测)
certbot renew --manual --preferred-challenges dns --manual-auth-hook "alidns" --manual-cleanup-hook "alidns clean"
阿里云ACCESS_KEY需要授权alidns权限
{
    "Version": "1",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "alidns:*",
            "Resource": "acs:alidns:*:*:domain/*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "alidns:DescribeDomains",
                "alidns:DescribeDomainNs",
                "alidns:DescribeDomainGroups",
                "alidns:DescribeSiteMonitorIspInfos",
                "alidns:DescribeSiteMonitorIspCityInfos"
            ],
            "Resource": "acs:alidns:*:*:*"
        }
    ]
}

DNSPOD自动签发

https://github.com/al-one/certbot-auth-dnspod

wget https://raw.githubusercontent.com/al-one/certbot-auth-dnspod/master/certbot-auth-dnspod.sh
chmod +x certbot-auth-dnspod.sh

echo "your dnspod token" > /etc/dnspod_token
签发
certbot certonly --manual --preferred-challenges dns-01 --email mail@domain.com -d laravel.run -d *.laravel.run 
--server https://acme-v02.api.letsencrypt.org/directory --manual-auth-hook /path/to/certbot-auth-dnspod.sh --manual-cleanup-hook "/path/to/certbot-auth-dnspod.sh clean"
更新
certbot renew --manual-auth-hook /path/to/certbot-auth-dnspod.sh --manual-cleanup-hook "/path/to/certbot-auth-dnspod.sh clean"