This repository contains code and supporting files for ACME webhook that interacts with active24.cz DNS APIv2.
-
API key and secret to access your domain
-
Service ID to be determined from the link to the desired service (domain), example:
12345678forhttps://admin.active24.cz/en/dashboard/service/12345678
Create secret with API key and secret
kubectl create secret generic active24-apikey --namespace cert-manager \
--from-literal='apiKey=abcd1234567890' --from-literal='apiSecret=defg0987654321'
Create ClusterIssuer
Apply the following manifest into cluster
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
spec:
acme:
# The ACME server URL
server: https://acme-v02.api.letsencrypt.org/directory
# Email address used for ACME registration
email: [email protected]
# Name of a secret used to store the ACME account private key
privateKeySecretRef:
name: letsencrypt-prod
solvers:
- selector:
dnsZones:
- somegreatdomain.tld
dns01:
webhook:
groupName: acme.yourdomain.tld # apiGroup from cert-manager-webhook-active24 Helm chart
solverName: active24
config:
apiKeySecretRef:
name: &apiKSName 'active24-apikey'
key: 'apiKey'
apiSecretSecretRef:
name: *apiKSName
key: 'apiSecret'
serviceID: 12345678
domain: somegreatdomain.tldReplace somegreatdomain.tld with actual domain managed by Active24
Install using helm
helm upgrade --install ac24 ./chart --namespace cert-manager
Create certificate
kind: Certificate
apiVersion: cert-manager.io/v1
metadata:
name: &certName my-certificate
spec:
commonName: &commonName somegreatdomain.tld
dnsNames:
- *commonName
- '*.somegreatdomain.tld'
issuerRef:
kind: ClusterIssuer
name: letsencrypt-prod
secretName: *certName