Hurricane Electric DNS

Since: v4.3.0

Configuration for Hurricane Electric DNS.

  • Code: hurricane

Here is an example bash command using the Hurricane Electric DNS provider:

HURRICANE_TOKENS=example.org:token \
lego --email myemail@example.com --dns hurricane -d example.org -d *.example.org run

HURRICANE_TOKENS=my.example.org:token1,demo.example.org:token2 \
lego -m myemail@example.com --dns hurricane -d my.example.org -d demo.example.org

Credentials

Environment Variable Name Description
HURRICANE_TOKENS TXT record names and tokens

The environment variable names can be suffixed by _FILE to reference a file instead of a value. More information here.

Before using lego to request a certificate for a given domain or wildcard (such as my.example.org or *.my.example.org), create a TXT record named _acme-challenge.my.example.org, and enable dynamic updates on it. Generate a token for each URL with Hurricane Electric’s UI, and copy it down. Stick to alphanumeric tokens for greatest reliability.

To authenticate with the Hurricane Electric API, add each record name/token pair you want to update to the HURRICANE_TOKENS environment variable, as shown in the examples. Record names (without the _acme-challenge. component) and their tokens are separated with colons, while the credential pairs are concatenated into a comma-separated list, like so:

HURRICANE_TOKENS=my.example.org:token1,demo.example.org:token2

If you are issuing both a wildcard certificate and a standard certificate for a given subdomain, you should not have repeat entries for that name, as both will use the same credential.

HURRICANE_TOKENS=example.org:token

More information