Let’s Encrypt

Updated: 21 May 2025

DNS-01 challenge

The dns-01 challenge asks you to prove you control the DNS for a domain by putting a specific value in a TXT record under that domain.

docker run -it --rm \
    -v "/home/chris/Desktop/do.ini:/tmp/do.ini" \
    -v "/home/chris/Desktop/certs:/etc/letsencrypt/live" \
    certbot/dns-digitalocean certonly \
    --dns-digitalocean --dns-digitalocean-credentials /tmp/do.ini \
    --dry-run -d example.com

Notes

  • certbot-dns-digitalocean documentation.
  • The contents of ~/Desktop/do.ini look like this: dns_digitalocean_token = token_here
  • Certbot, with its dns-digitalocean plugin, will add a TXT record via the DigitalOcean API.
  • Place the DigitalOcean API key in ~/Desktop/do.ini.
  • Certificates (x4) are saved to ~/Desktop/certs.
  • Note the --dry-run option.
