WebFaction
Community site: login faq

All of the LetsEncrypt automation with the new API seems to leave the control panel username and password in a file under the account home directory somewhere, for the API to use it when updating the certificate. That makes me nervous, since the password is the key to everything in my account.

Is there any alternative, other than I guess having my automation continue to email support tickets?

If not, is there anything planned that I've missed the annoucement of, maybe like letting shell users or some other limited account log in via the API and be restricted to only the "update certificate" API call?

asked 30 Jan, 18:31

edgewood's gravatar image

edgewood
413
accept rate: 0%


There's no alternative at this time.

We're hoping to implement some form of token authentication for API scripts at some point, but there's no ETA for it.

permanent link

answered 30 Jan, 18:41

seanf's gravatar image

seanf ♦♦
11.3k21132
accept rate: 37%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×69
×13
×3

question asked: 30 Jan, 18:31

question was seen: 226 times

last updated: 30 Jan, 18:41

WEBFACTION
REACH US
SUPPORT
AFFILIATE PROGRAM
LEGAL
© COPYRIGHT 2003-2016 SWARMA LIMITED - WEBFACTION IS A SERVICE OF SWARMA LIMITED
REGISTERED IN ENGLAND AND WALES 5729350 - VAT REGISTRATION NUMBER 877397162
5TH FLOOR, THE OLD VINYL FACTORY, HAYES, UB3 1HA, UNITED KINGDOM