certbot-azure icon indicating copy to clipboard operation
certbot-azure copied to clipboard

Published 20 hours ago verified publisher icon dlapiduz

Proposal: support for certificates for domains with zones in different Azure resource groups

Open myhau opened this issue 4 years ago • 1 comments

Current state

Currently, it is not possible to generate a single certificate for two domains (from two different Azure DNS zones) in two different resource groups, because of how --dns-azure-resource-group option works.

Example on how DNS zones might be organized in Azure:

domain1.com zone in group1 resource group domain2.com zone in group2 resource group

My proposal

Accept multiple resource groups (comma separated) for --dns-azure-resource-group. During verification, find resource group for a particular zone when creating / deleting TXT record.

Example usage after the change:

certbot certonly \
 -d '*.domain1.com' \
 -d '*.domain2.com' \
 -a dns-azure \
 --dns-azure-credentials credentials.json \
 --dns-azure-resource-group group1,group2

This is a minimal working version. If (from the perspective of an end user) this change is ok, I will refactor the code and add tests / documentation if needed.

myhau avatar Oct 29 '20 16:10 myhau

@dlapiduz what is your opinion ?

myhau avatar Nov 03 '20 20:11 myhau