About one year ago we announced the integration of Let's Encrypt into DNSimple, with the goal of providing a fully-automated way to request, renew, download and install an SSL certificate.
While most of the process was automated, there was one final missing piece to truly consider our proposal fully-automated: the ability to request the certificate via API. Not anymore. Today I'm happy to announce that you can now request a Let's Encrypt certificate via our certificate API.
All our official clients have been updated to support this feature with the addition of the following 4 new methods:
- create Let's Encrypt certificate
- issue Let's Encrypt certificate
- create Let's Encrypt certificate renewal
- issue Let's Encrypt certificate renewal
Exactly like when requesting through the UI, the issuance of a new Let's Encrypt certificate requested via API happens asynchronously. Once the certificate is issued, we'll notify you via email and webhooks. At that point, you can use our certificate download API to download the certificate and the private key.
When you create a Let's Encrypt certificate you can pass the option to auto-renew the certificate. When auto-renewal is enabled, we'll automatically process the auto-renewal 30 days before the expiration. Once a renewed certificate is issued, we'll notify you via email and webhooks as for the original certificate.
The feature is currently in beta. It is stable and can be used, however during the beta period we may make adjustments to the API format. The best way to stay up to date is to use one of our official API clients:
Since we are committing to describe DNSimple domain API with OpenAPI, these new 4 API methods are already available in the DNSimple API OpenAPI specification.
Thank you to Let's Encrypt for making it possible to design a fully-automated process to create, issue, install and renew an SSL certificate.
As this is a beta API feature, we would love to receive your feedback. If you should have any questions or suggestion please let us know.