1 Name = "RFC2136"
2 Description = ''''''
3 URL = "https://www.rfc-editor.org/rfc/rfc2136.html"
4 Code = "rfc2136"
5 Since = "v0.3.0"
6 7 Example = '''
8 RFC2136_NAMESERVER=127.0.0.1 \
9 RFC2136_TSIG_KEY=example.com \
10 RFC2136_TSIG_ALGORITHM=hmac-sha256. \
11 RFC2136_TSIG_SECRET=YWJjZGVmZGdoaWprbG1ub3BxcnN0dXZ3eHl6MTIzNDU= \
12 lego --dns rfc2136 -d '*.example.com' -d example.com run
13 14 ## ---
15 16 keyname=example.com; keyfile=example.com.key; tsig-keygen $keyname > $keyfile
17 18 RFC2136_NAMESERVER=127.0.0.1 \
19 RFC2136_TSIG_FILE="$keyfile" \
20 lego --dns rfc2136 -d '*.example.com' -d example.com run
21 '''
22 23 [Configuration]
24 [Configuration.Credentials]
25 RFC2136_TSIG_KEY = "Name of the secret key as defined in DNS server configuration. To disable TSIG authentication, leave the `RFC2136_TSIG_KEY` variable unset."
26 RFC2136_TSIG_SECRET = "Secret key payload. To disable TSIG authentication, leave the `RFC2136_TSIG_SECRET` variable unset."
27 RFC2136_TSIG_ALGORITHM = "TSIG algorithm. See [miekg/dns#tsig.go](https://github.com/miekg/dns/blob/master/tsig.go) for supported values. To disable TSIG authentication, leave the `RFC2136_TSIG_KEY` or `RFC2136_TSIG_SECRET` variables unset."
28 RFC2136_NAMESERVER = 'Network address in the form "host" or "host:port"'
29 [Configuration.Additional]
30 RFC2136_TSIG_FILE = "Path to a key file generated by tsig-keygen"
31 RFC2136_POLLING_INTERVAL = "Time between DNS propagation check in seconds (Default: 2)"
32 RFC2136_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation in seconds (Default: 60)"
33 RFC2136_TTL = "The TTL of the TXT record used for the DNS challenge in seconds (Default: 120)"
34 RFC2136_SEQUENCE_INTERVAL = "Time between sequential requests in seconds (Default: 60)"
35 RFC2136_DNS_TIMEOUT = "API request timeout in seconds (Default: 10)"
36 37 [Links]
38 API = "https://www.rfc-editor.org/rfc/rfc2136.html"
39