certbot_dns_cloudflare.dns_cloudflare

DNS Authenticator for Cloudflare.

class certbot_dns_cloudflare.dns_cloudflare.Authenticator(*args, **kwargs)[source]

Bases: certbot.plugins.dns_common.DNSAuthenticator

DNS Authenticator for Cloudflare

This Authenticator uses the Cloudflare API to fulfill a dns-01 challenge.

classmethod add_parser_arguments(add)[source]

Add plugin arguments to the CLI argument parser.

NOTE: If some of your flags interact with others, you can use cli.report_config_interaction to register this to ensure values are correctly saved/overridable during renewal.

Parameters:add (callable) – Function that proxies calls to argparse.ArgumentParser.add_argument prepending options with unique plugin name prefix.
_setup_credentials()[source]

Establish credentials, prompting if necessary.

_perform(domain, validation_name, validation)[source]

Performs a dns-01 challenge by creating a DNS TXT record.

Parameters:
  • domain (str) – The domain being validated.
  • validation_domain_name (str) – The validation record domain name.
  • validation (str) – The validation record content.
Raises:

errors.PluginError – If the challenge cannot be performed

_cleanup(domain, validation_name, validation)[source]

Deletes the DNS TXT record which would have been created by _perform_achall.

Fails gracefully if no such record exists.

Parameters:
  • domain (str) – The domain being validated.
  • validation_domain_name (str) – The validation record domain name.
  • validation (str) – The validation record content.
class certbot_dns_cloudflare.dns_cloudflare._CloudflareClient(email, api_key)[source]

Bases: object

Encapsulates all communication with the Cloudflare API.

add_txt_record(domain, record_name, record_content, record_ttl)[source]

Add a TXT record using the supplied information.

Parameters:
  • domain (str) – The domain to use to look up the Cloudflare zone.
  • record_name (str) – The record name (typically beginning with ‘_acme-challenge.’).
  • record_content (str) – The record content (typically the challenge validation).
  • record_ttl (int) – The record TTL (number of seconds that the record may be cached).
Raises:

certbot.errors.PluginError – if an error occurs communicating with the Cloudflare API

del_txt_record(domain, record_name, record_content)[source]

Delete a TXT record using the supplied information.

Note that both the record’s name and content are used to ensure that similar records created concurrently (e.g., due to concurrent invocations of this plugin) are not deleted.

Failures are logged, but not raised.

Parameters:
  • domain (str) – The domain to use to look up the Cloudflare zone.
  • record_name (str) – The record name (typically beginning with ‘_acme-challenge.’).
  • record_content (str) – The record content (typically the challenge validation).
_find_zone_id(domain)[source]

Find the zone_id for a given domain.

Parameters:domain (str) – The domain for which to find the zone_id.
Returns:The zone_id, if found.
Return type:str
Raises:certbot.errors.PluginError – if no zone_id is found.
_find_txt_record_id(zone_id, record_name, record_content)[source]

Find the record_id for a TXT record with the given name and content.

Parameters:
  • zone_id (str) – The zone_id which contains the record.
  • record_name (str) – The record name (typically beginning with ‘_acme-challenge.’).
  • record_content (str) – The record content (typically the challenge validation).
Returns:

The record_id, if found.

Return type:

str