Prerequisites
Install OpenStack CLI client (OSC)
http://www.panticz.de/osc
OpenStack Application credentials
~/.config/openstack/clouds.yaml
Generate Lets Encrypt certificate
sudo apt install -y certbot pyenv activate osc pip install python-designateclient certbot-dns-openstack zope # list available zones openstack zone list # Create letsencrypt directory mkdir ~/letsencrypt # Request wildcard certificate DOMAIN=example.com certbot -a dns-openstack certonly \ --agree-tos \ --register-unsafely-without-email \ --work-dir ~/letsencrypt/work \ --config-dir ~/letsencrypt/etc \ --logs-dir ~/letsencrypt/log \ --dns-openstack-propagation-seconds 60 \ -d *.${DOMAIN} # -d *.example.com,example.com # List certificates ls -l ~/letsencrypt/etc/archive/*/*
DEBUG (second terminal)
watch -n1 openstack recordset list example.com
Links
https://docs.binero.com/guides/designate-as-authenticator-for-lets-encrypt.html
https://letsencrypt.org/docs/challenge-types/