acmesh-official · cjwalsh · Feb 21, 2024 · Jun 8, 2025 · Jun 8, 2025 · Jun 8, 2025
diff --git a/acme.sh b/acme.sh
@@ -3513,7 +3513,7 @@ _on_before_issue() {
   _debug _chk_alt_domains "$_chk_alt_domains"
   #run pre hook
   if [ "$_chk_pre_hook" ]; then
-    _info "Runing pre hook:'$_chk_pre_hook'"
+    _info "Running pre hook:'$_chk_pre_hook'"
     if ! (
       export Le_Domain="$_chk_main_domain"
       export Le_Alt="$_chk_alt_domains"
@@ -4502,6 +4502,7 @@ issue() {
 
   if ! _on_before_issue "$_web_roots" "$_main_domain" "$_alt_domains" "$_pre_hook" "$_local_addr"; then
     _err "_on_before_issue."
+    _on_issue_err "$_post_hook"
     return 1
   fi
 
@@ -4761,7 +4762,9 @@ $_authorizations_map"
         _debug keyauthorization "$keyauthorization"
       fi
 
-      entry="$(echo "$response" | _egrep_o '[^\{]*"type":"'$vtype'"[^\}]*')"
+      # Fix for empty error objects in response which mess up the original code, adapted from fix suggested here: https://github.com/acmesh-official/acme.sh/issues/4933#issuecomment-1870499018
+      # Additional fix for issue 4972 "cannot get domain token entry" with ZeroSSL (https://github.com/acmesh-official/acme.sh/issues/4972)
+      entry="$(echo "$response" | sed s/'"error":{}'/'"error":null'/ | _egrep_o "\"challenges\":\[[^]]*]" | _egrep_o '[^\{]*"type":"'$vtype'"[^\}]*')"
       _debug entry "$entry"
 
       if [ -z "$keyauthorization" -a -z "$entry" ]; then
@@ -6350,7 +6353,9 @@ _deactivate() {
     fi
     _debug "Trigger validation."
     vtype="$(_getIdType "$_d_domain")"
-    entry="$(echo "$response" | _egrep_o '[^\{]*"type":"'$vtype'"[^\}]*')"
+    # Fix for empty error objects in response which mess up the original code, adapted from fix suggested here: https://github.com/acmesh-official/acme.sh/issues/4933#issuecomment-1870499018
+    # Additional fix for issue 4972 "cannot get domain token entry" with ZeroSSL (https://github.com/acmesh-official/acme.sh/issues/4972)
+    entry="$(echo "$response" | sed s/'"error":{}'/'"error":null'/ | _egrep_o "\"challenges\":\[[^]]*]" | _egrep_o '[^\{]*"type":"'$vtype'"[^\}]*')"
     _debug entry "$entry"
     if [ -z "$entry" ]; then
       _err "$d: Cannot get domain token"

diff --git a/dnsapi/dns_beget.sh b/dnsapi/dns_beget.sh
@@ -7,7 +7,7 @@ Options:
  BEGET_User API user
  BEGET_Password API password
 Issues: github.com/acmesh-official/acme.sh/issues/6200
-Author: ARNik [email protected]
+Author: ARNik <[email protected]>
 '
 
 Beget_Api="https://api.beget.com/api"

diff --git a/dnsapi/dns_bookmyname.sh b/dnsapi/dns_bookmyname.sh
@@ -7,7 +7,7 @@ Options:
  BOOKMYNAME_USERNAME Username
  BOOKMYNAME_PASSWORD Password
 Issues: github.com/acmesh-official/acme.sh/issues/3209
-Author: Neilpang
+Author: @Neilpang
 '
 
 ########  Public functions #####################

diff --git a/dnsapi/dns_ddnss.sh b/dnsapi/dns_ddnss.sh
@@ -6,7 +6,7 @@ Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi#dns_ddnss
 Options:
  DDNSS_Token API Token
 Issues: github.com/acmesh-official/acme.sh/issues/2230
-Author: RaidenII, helbgd, mod242
+Author: @helbgd, @mod242
 '
 
 DDNSS_DNS_API="https://ddnss.de/upd.php"

diff --git a/dnsapi/dns_dnshome.sh b/dnsapi/dns_dnshome.sh
@@ -7,7 +7,7 @@ Options:
  DNSHOME_Subdomain Subdomain
  DNSHOME_SubdomainPassword Subdomain Password
 Issues: github.com/acmesh-official/acme.sh/issues/3819
-Author: dnsHome.de https://github.com/dnsHome-de
+Author: @dnsHome-de
 '
 
 # Usage: add subdomain.ddnsdomain.tld "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"

diff --git a/dnsapi/dns_duckdns.sh b/dnsapi/dns_duckdns.sh
@@ -5,7 +5,7 @@ Site: www.DuckDNS.org
 Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi#dns_duckdns
 Options:
  DuckDNS_Token API Token
-Author: RaidenII
+Author: @RaidenII
 '
 
 DuckDNS_API="https://www.duckdns.org/update"

diff --git a/dnsapi/dns_dyn.sh b/dnsapi/dns_dyn.sh
@@ -8,7 +8,7 @@ Options:
  DYN_Customer Customer
  DYN_Username API Username
  DYN_Password Secret
-Author: Gerd Naschenweng <https://github.com/magicdude4eva>
+Author: Gerd Naschenweng <@magicdude4eva>
 '
 
 # Dyn Managed DNS API

diff --git a/dnsapi/dns_dynv6.sh b/dnsapi/dns_dynv6.sh
@@ -8,7 +8,7 @@ Options:
 OptionsAlt:
  KEY Path to SSH private key file. E.g. "/root/.ssh/dynv6"
 Issues: github.com/acmesh-official/acme.sh/issues/2702
-Author: StefanAbl
+Author: @StefanAbl
 '
 
 dynv6_api="https://dynv6.com/api/v2"

diff --git a/dnsapi/dns_easydns.sh b/dnsapi/dns_easydns.sh
@@ -7,7 +7,7 @@ Options:
  EASYDNS_Token API Token
  EASYDNS_Key API Key
 Issues: github.com/acmesh-official/acme.sh/issues/2647
-Author: Neilpang, wurzelpanzer <[email protected]>
+Author: @Neilpang, wurzelpanzer <[email protected]>
 '
 
 # API Documentation: https://sandbox.rest.easydns.net:3001/

diff --git a/dnsapi/dns_freedns.sh b/dnsapi/dns_freedns.sh
@@ -7,7 +7,7 @@ Options:
  FREEDNS_User Username
  FREEDNS_Password Password
 Issues: github.com/acmesh-official/acme.sh/issues/2305
-Author: David Kerr <https://github.com/dkerr64>
+Author: David Kerr <@dkerr64>
 '
 
 ########  Public functions #####################

diff --git a/dnsapi/dns_he_ddns.sh b/dnsapi/dns_he_ddns.sh
@@ -5,6 +5,7 @@ Site: dns.he.net
 Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_he_ddns
 Options:
  HE_DDNS_KEY The DDNS key
+Issues: https://github.com/acmesh-official/acme.sh/issues/5238
 Author: Markku Leiniö
 '
 

diff --git a/dnsapi/dns_joker.sh b/dnsapi/dns_joker.sh
@@ -7,7 +7,7 @@ Options:
  JOKER_USERNAME Username
  JOKER_PASSWORD Password
 Issues: github.com/acmesh-official/acme.sh/issues/2840
-Author: <https://github.com/aattww/>
+Author: @aattww
 '
 
 JOKER_API="https://svc.joker.com/nic/replace"

diff --git a/dnsapi/dns_mijnhost.sh b/dnsapi/dns_mijnhost.sh
@@ -1,16 +1,15 @@
 #!/usr/bin/env sh
 # shellcheck disable=SC2034
 dns_mijnhost_info='mijn.host
-Domains: mijn.host
 Site: mijn.host
-Docs: https://mijn.host/api/doc/
-Issues: https://github.com/acmesh-official/acme.sh/issues/6177
-Author: peterv99
+Docs: https://github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_mijnhost
 Options:
  MIJNHOST_API_KEY API Key
+Issues: github.com/acmesh-official/acme.sh/issues/6177
+Author: @peterv99
 '
 
-########  Public functions ###################### Constants for your mijn-host API
+########  Public functions ######################
 MIJNHOST_API="https://mijn.host/api/v2"
 
 # Add TXT record for domain verification

diff --git a/dnsapi/dns_mydnsjp.sh b/dnsapi/dns_mydnsjp.sh
@@ -6,7 +6,7 @@ Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi#dns_mydnsjp
 Options:
  MYDNSJP_MasterID Master ID
  MYDNSJP_Password Password
-Author: epgdatacapbon
+Author: @tkmsst
 '
 
 ########  Public functions #####################

diff --git a/dnsapi/dns_namecom.sh b/dnsapi/dns_namecom.sh
@@ -6,7 +6,7 @@ Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi#dns_namecom
 Options:
  Namecom_Username Username
  Namecom_Token API Token
-Author: RaidenII
+Author: @RaidenII
 '
 
 ########  Public functions #####################

diff --git a/dnsapi/dns_namesilo.sh b/dnsapi/dns_namesilo.sh
@@ -5,7 +5,7 @@ Site: NameSilo.com
 Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi#dns_namesilo
 Options:
  Namesilo_Key API Key
-Author: meowthink
+Author: @meowthink
 '
 
 #Utilize API to finish dns-01 verifications.

diff --git a/dnsapi/dns_openprovider_rest.sh b/dnsapi/dns_openprovider_rest.sh
@@ -0,0 +1,186 @@
+#!/usr/bin/env sh
+# shellcheck disable=SC2034
+dns_openprovider_rest_info='OpenProvider (REST)
+Domains: OpenProvider.com
+Site: OpenProvider.eu
+Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_openprovider_rest
+Options:
+ OPENPROVIDER_REST_USERNAME Openprovider Account Username
+ OPENPROVIDER_REST_PASSWORD Openprovider Account Password
+Issues: github.com/acmesh-official/acme.sh/issues/6122
+Author: Lambiek12
+'
+
+OPENPROVIDER_API_URL="https://api.openprovider.eu/v1beta"
+
+########  Public functions #####################
+
+# Usage: add  _acme-challenge.www.domain.com  "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
+# Used to add txt record
+dns_openprovider_rest_add() {
+  fulldomain=$1
+  txtvalue=$2
+
+  _openprovider_prepare_credentials || return 1
+
+  _debug "Try fetch OpenProvider DNS zone details"
+  if ! _get_dns_zone "$fulldomain"; then
+    _err "DNS zone not found within configured OpenProvider account."
+    return 1
+  fi
+
+  if [ -n "$_domain_id" ]; then
+    addzonerecordrequestparameters="dns/zones/$_domain_name"
+    addzonerecordrequestbody="{\"id\":$_domain_id,\"name\":\"$_domain_name\",\"records\":{\"add\":[{\"name\":\"$_sub_domain\",\"ttl\":900,\"type\":\"TXT\",\"value\":\"$txtvalue\"}]}}"
+
+    if _openprovider_rest PUT "$addzonerecordrequestparameters" "$addzonerecordrequestbody"; then
+      if _contains "$response" "\"success\":true"; then
+        return 0
+      elif _contains "$response" "\"Duplicate record\""; then
+        _debug "Record already existed"
+        return 0
+      else
+        _err "Adding TXT record failed due to errors."
+        return 1
+      fi
+    fi
+  fi
+
+  _err "Adding TXT record failed due to errors."
+  return 1
+}
+
+# Usage: rm  _acme-challenge.www.domain.com  "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
+# Used to remove the txt record after validation
+dns_openprovider_rest_rm() {
+  fulldomain=$1
+  txtvalue=$2
+
+  _openprovider_prepare_credentials || return 1
+
+  _debug "Try fetch OpenProvider DNS zone details"
+  if ! _get_dns_zone "$fulldomain"; then
+    _err "DNS zone not found within configured OpenProvider account."
+    return 1
+  fi
+
+  if [ -n "$_domain_id" ]; then
+    removezonerecordrequestparameters="dns/zones/$_domain_name"
+    removezonerecordrequestbody="{\"id\":$_domain_id,\"name\":\"$_domain_name\",\"records\":{\"remove\":[{\"name\":\"$_sub_domain\",\"ttl\":900,\"type\":\"TXT\",\"value\":\"\\\"$txtvalue\\\"\"}]}}"
+
+    if _openprovider_rest PUT "$removezonerecordrequestparameters" "$removezonerecordrequestbody"; then
+      if _contains "$response" "\"success\":true"; then
+        return 0
+      else
+        _err "Removing TXT record failed due to errors."
+        return 1
+      fi
+    fi
+  fi
+
+  _err "Removing TXT record failed due to errors."
+  return 1
+}
+
+####################  OpenProvider API common functions  ####################
+_openprovider_prepare_credentials() {
+  OPENPROVIDER_REST_USERNAME="${OPENPROVIDER_REST_USERNAME:-$(_readaccountconf_mutable OPENPROVIDER_REST_USERNAME)}"
+  OPENPROVIDER_REST_PASSWORD="${OPENPROVIDER_REST_PASSWORD:-$(_readaccountconf_mutable OPENPROVIDER_REST_PASSWORD)}"
+
+  if [ -z "$OPENPROVIDER_REST_USERNAME" ] || [ -z "$OPENPROVIDER_REST_PASSWORD" ]; then
+    OPENPROVIDER_REST_USERNAME=""
+    OPENPROVIDER_REST_PASSWORD=""
+    _err "You didn't specify the Openprovider username or password yet."
+    return 1
+  fi
+
+  #save the credentials to the account conf file.
+  _saveaccountconf_mutable OPENPROVIDER_REST_USERNAME "$OPENPROVIDER_REST_USERNAME"
+  _saveaccountconf_mutable OPENPROVIDER_REST_PASSWORD "$OPENPROVIDER_REST_PASSWORD"
+}
+
+_openprovider_rest() {
+  httpmethod=$1
+  queryparameters=$2
+  requestbody=$3
+
+  _openprovider_rest_login
+  if [ -z "$openproviderauthtoken" ]; then
+    _err "Unable to fetch authentication token from Openprovider API."
+    return 1
+  fi
+
+  export _H1="Content-Type: application/json"
+  export _H2="Accept: application/json"
+  export _H3="Authorization: Bearer $openproviderauthtoken"
+
+  if [ "$httpmethod" != "GET" ]; then
+    response="$(_post "$requestbody" "$OPENPROVIDER_API_URL/$queryparameters" "" "$httpmethod")"
+  else
+    response="$(_get "$OPENPROVIDER_API_URL/$queryparameters")"
+  fi
+
+  if [ "$?" != "0" ]; then
+    _err "No valid parameters supplied for Openprovider API: Error $queryparameters"
+    return 1
+  fi
+
+  _debug2 response "$response"
+
+  return 0
+}
+
+_openprovider_rest_login() {
+  export _H1="Content-Type: application/json"
+  export _H2="Accept: application/json"
+
+  loginrequesturl="$OPENPROVIDER_API_URL/auth/login"
+  loginrequestbody="{\"ip\":\"0.0.0.0\",\"password\":\"$OPENPROVIDER_REST_PASSWORD\",\"username\":\"$OPENPROVIDER_REST_USERNAME\"}"
+  loginresponse="$(_post "$loginrequestbody" "$loginrequesturl" "" "POST")"
+
+  openproviderauthtoken="$(printf "%s\n" "$loginresponse" | _egrep_o '"token" *: *"[^"]*' | _head_n 1 | sed 's#^"token" *: *"##')"
+
+  export openproviderauthtoken
+}
+
+####################  Private functions ##################################
+
+# Usage: _get_dns_zone _acme-challenge.www.domain.com
+# Returns:
+# _domain_id=123456789
+# _domain_name=domain.com
+# _sub_domain=_acme-challenge.www
+_get_dns_zone() {
+  domain=$1
+  i=1
+  p=1
+
+  while true; do
+    h=$(printf "%s" "$domain" | cut -d . -f "$i"-100)
+    if [ -z "$h" ]; then
+      # Empty value not allowed
+      return 1
+    fi
+
+    if ! _openprovider_rest GET "dns/zones/$h" ""; then
+      return 1
+    fi
+
+    if _contains "$response" "\"name\":\"$h\""; then
+      _domain_id="$(printf "%s\n" "$response" | _egrep_o '"id" *: *[^,]*' | _head_n 1 | sed 's#^"id" *: *##')"
+      _debug _domain_id "$_domain_id"
+
+      _domain_name="$h"
+      _debug _domain_name "$_domain_name"
+
+      _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-"$p")
+      _debug _sub_domain "$_sub_domain"
+      return 0
+    fi
+
+    p=$i
+    i=$(_math "$i" + 1)
+  done
+
+  return 1
+}
diff --git a/dnsapi/dns_pleskxml.sh b/dnsapi/dns_pleskxml.sh
@@ -8,7 +8,7 @@ Options:
  pleskxml_user Username
  pleskxml_pass Password
 Issues: github.com/acmesh-official/acme.sh/issues/2577
-Author: Stilez, <https://github.com/romanlum>
+Author: @Stilez, @romanlum
 '
 
 ##  Plesk XML API described at:

diff --git a/dnsapi/dns_schlundtech.sh b/dnsapi/dns_schlundtech.sh
@@ -7,7 +7,7 @@ Options:
  SCHLUNDTECH_USER Username
  SCHLUNDTECH_PASSWORD Password
 Issues: github.com/acmesh-official/acme.sh/issues/2246
-Author: <https://github.com/mod242>
+Author: @mod242
 '
 
 SCHLUNDTECH_API="https://gateway.schlundtech.de"