efficientip: add insecure skip verify option (#2052)

Co-authored-by: Fernandez Ludovic <[email protected]>

Author: alexissavin

cmd/zz_gen_cmd_dnshelp.go

@@ -964,6 +964,7 @@ func displayDNSHelp(w io.Writer, name string) error {
 
 		ew.writeln(`Additional Configuration:`)
 		ew.writeln(`	- "EFFICIENTIP_HTTP_TIMEOUT":	API request timeout`)
+		ew.writeln(`	- "EFFICIENTIP_INSECURE_SKIP_VERIFY":	Whether or not to verify EfficientIP API certificate`)
 		ew.writeln(`	- "EFFICIENTIP_POLLING_INTERVAL":	Time between DNS propagation check`)
 		ew.writeln(`	- "EFFICIENTIP_PROPAGATION_TIMEOUT":	Maximum waiting time for DNS propagation`)
 		ew.writeln(`	- "EFFICIENTIP_TTL":	The TTL of the TXT record used for the DNS challenge`)

docs/content/dns/zz_gen_efficientip.md

@@ -54,6 +54,7 @@ More information [here]({{< ref "dns#configuration-and-credentials" >}}).
 | Environment Variable Name | Description |
 |--------------------------------|-------------|
 | `EFFICIENTIP_HTTP_TIMEOUT` | API request timeout |
+| `EFFICIENTIP_INSECURE_SKIP_VERIFY` | Whether or not to verify EfficientIP API certificate |
 | `EFFICIENTIP_POLLING_INTERVAL` | Time between DNS propagation check |
 | `EFFICIENTIP_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
 | `EFFICIENTIP_TTL` | The TTL of the TXT record used for the DNS challenge |

providers/dns/efficientip/efficientip.go

@@ -3,6 +3,7 @@ package efficientip
 
 import (
 	"context"
+	"crypto/tls"
 	"errors"
 	"fmt"
 	"net/http"
@@ -26,6 +27,7 @@ const (
 	EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT"
 	EnvPollingInterval    = envNamespace + "POLLING_INTERVAL"
 	EnvHTTPTimeout        = envNamespace + "HTTP_TIMEOUT"
+	EnvInsecureSkipVerify = envNamespace + "INSECURE_SKIP_VERIFY"
 )
 
 // Config is used to configure the creation of the DNSProvider.
@@ -35,6 +37,7 @@ type Config struct {
 	Hostname           string
 	DNSName            string
 	ViewName           string
+	InsecureSkipVerify bool
 	PropagationTimeout time.Duration
 	PollingInterval    time.Duration
 	HTTPClient         *http.Client
@@ -71,6 +74,7 @@ func NewDNSProvider() (*DNSProvider, error) {
 	config.Hostname = values[EnvHostname]
 	config.DNSName = values[EnvDNSName]
 	config.ViewName = env.GetOrDefaultString(EnvViewName, "")
+	config.InsecureSkipVerify = env.GetOrDefaultBool(EnvInsecureSkipVerify, false)
 
 	return NewDNSProviderConfig(config)
 }
@@ -100,6 +104,12 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 		client.HTTPClient = config.HTTPClient
 	}
 
+	if config.InsecureSkipVerify {
+		client.HTTPClient.Transport = &http.Transport{
+			TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+		}
+	}
+
 	return &DNSProvider{config: config, client: client}, nil
 }
 

providers/dns/efficientip/efficientip.toml

@@ -19,6 +19,7 @@ lego --email [email protected] --dns efficientip --domains my.example.org run
     EFFICIENTIP_HOSTNAME = "Hostname (ex: foo.example.com)"
     EFFICIENTIP_DNS_NAME = "DNS name (ex: dns.smart)"
   [Configuration.Additional]
+    EFFICIENTIP_INSECURE_SKIP_VERIFY = "Whether or not to verify EfficientIP API certificate"
     EFFICIENTIP_VIEW_NAME = "View name (ex: external)"
     EFFICIENTIP_POLLING_INTERVAL = "Time between DNS propagation check"
     EFFICIENTIP_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"