Nginx-LE supports a number of auth providers. Each auth provider has its on method of configuration.

HTTP01 Auth

This is the default Certbot authentication method and only works if your web server is exposed on a public IP address with ports 80 and 443 open.

HTTP01 Auth does not support wildcard certificates.

Set the following environment variables:

AUTH_PROVIDER=HTTP01Auth

DOMAIN_WILDCARD=false

Namecheap

We don't recommend using this provider.

The Namecheap API is very crappy and requires that we update EVERY dns record to just modify a single record.

It is also currently limited to domains that have no more than 10 A records. This could be fixed by changing the request from a HTTP GET to a POST but unfortunately Namecheap hasn't documented the POST method.

AUTH_PROVIDER=namecheap

AUTH_PROVIDER_TOKEN=name cheap Api Key

AUTH_PROVIDER_USERNAME=name cheap username

DOMAIN_WILDCARD=true|false

Cloudflare

This is the most versatile auth provider as it supports public and private websites as well as Wildcard and single FQDN certificates.

NOTE: currently we only support using a cloudflare global access token. A restricted API token will NOT WORK. This is due to ubuntu 20.04 using an old version of certbot. When a newer version is available we will upgrade to support the restricted access token.

AUTH_PROVIDER=cloudflare

AUTH_PROVIDER_TOKEN=api token for cloudflare

AUTH_PROVIDER_EMAIL_ADDRESS=email address used to acquire api token

DOMAIN_WILDCARD=true|false