DNS validation with Namecheap.com


#1

Hi has anyone made a script to make / update DNS validation TXT records with Namecheap?
Not really sure what to do as I have never done any API stuff before. Hoping someone has already done the leg work for me,

It looks like I might not be able to use there API as I am not a reseller, I have however requested API access and waiting to see what happens.

Or alternatively is there a way for Certify to keep the TXT records the same every update so I can set them once and leave?

Thanks for your help Dave


#2

So this is what I ended up doing to sort out the problem.
I got the information from this post:
https://community.letsencrypt.org/t/help-with-dns-challenge-and-namecheap/59776/2

I looked into using Lexicon but as it is Linux based and I am running windows machines I thought it would be easier to take a different approach.

Sign up for a free CloudFlare account:
https://www.cloudflare.com/plans/
I removed all DNS records imported by CloudFlare as I didn’t want to use them as my DNS

Set up Certify as per this article:
https://docs.certifytheweb.com/docs/dns-cloudflare.html

Setup all _acme-challenge records on NameCheap as CNAME pointing to CloudFlare nameserver.
eg.
_acme-challenge.mail
_acme-challenge.autodiscover
etc.

I only did _acme-challenge and left all other records on NameCheap as I didn’t want to use CloudFlare as my DNS.

Seems to work so far. I will report back with any problems.
Hopefully this will help other out.


#3

Great, glad you got it working OK!


#4

UPDATE:

So I had to use CloudFlare as my nameserver.
Added a new subdomain and set everything up on NameCheap but could not get certify to work.
It wouldn’t write the _acme-challange for the new subdomain to CloudFlare

Switched from NameCheap nameserver to CloudFlare and success. _acme-challange TXT file was created successfully.


#5

@wookie_73 so you were redirecting from namecheap DNS to a special subdomain hosted cloudflare nameservers and it didn’t work?

Thinking about it, that’s probably because your subdomain might be something like ‘validation.domain.com’ and your cname ‘_acme-challenge.domain.com’ points to ‘_acme-challenge.validation.domain.com’ but our API calls are looking for ‘domain.com’ in the DNS zone that the API credentials have access to.

Interesting, we probably need an surrogate domain option so you can specify ‘_acme-challenge.validation.domain.com’ etc as the real target for the the TXT record.


#6

Assuming I’ve understood this correctly: https://github.com/webprofusion/certify/issues/369


#7

Yes that is what I was doing. Using a CNAME on NameCheap to redirect to CloudFlare.

Oddly it worked the first time I tested it. but later in the week it did not work.
I had made some other changes so put it down to this. But try as I might I could not get it to work again.

Switched from NameCheap DNS to CloudFlare and success straight away.

I believe it was down to the CloudFlare account not being fully active, although why the redirect worked first time round is still a mystery.