Merge branch 'localdns' of https://github.com/Keyfactor/acme-provider-caplugin into localdns

bhillkeyfactor · bhillkeyfactor · commit 09f91826f901 · 2025-12-08T18:44:48.000-05:00
diff --git a/README.md b/README.md
@@ -315,7 +315,7 @@ The RFC 2136 provider enables ACME DNS-01 challenges with on-premise DNS servers
         * **EabKid** - External Account Binding Key ID (optional) 
         * **EabHmacKey** - External Account Binding HMAC key (optional) 
         * **SignerEncryptionPhrase** - Used to encrypt singer information when account is saved to disk (optional) 
-        * **DnsProvider** - DNS Provider to use for ACME DNS-01 challenges (options Google, Cloudflare, AwsRoute53, Azure, Ns1) 
+        * **DnsProvider** - DNS Provider to use for ACME DNS-01 challenges (options: Google, Cloudflare, AwsRoute53, Azure, Ns1, Rfc2136, WindowsDns) 
         * **Google_ServiceAccountKeyPath** - Google Cloud DNS: Path to service account JSON key file only if using Google DNS (Optional) 
         * **Google_ProjectId** - Google Cloud DNS: Project ID only if using Google DNS (Optional) 
         * **Cloudflare_ApiToken** - Cloudflare DNS: API Token only if using Cloudflare DNS (Optional) 
@@ -326,6 +326,16 @@ The RFC 2136 provider enables ACME DNS-01 challenges with on-premise DNS servers
         * **AwsRoute53_AccessKey** - Aws DNS: Access Key only if not using AWS DNS and default AWS Chain Creds on AWS (Optional) 
         * **AwsRoute53_SecretKey** - Aws DNS: Secret Key only if using AWS DNS and not using default AWS Chain Creds on AWS (Optional) 
         * **Ns1_ApiKey** - Ns1 DNS: Api Key only if Using Ns1 DNS (Optional) 
+        * **Rfc2136_Server** - RFC 2136 DNS: Server hostname or IP address (Optional) 
+        * **Rfc2136_Port** - RFC 2136 DNS: Server port (default 53) (Optional) 
+        * **Rfc2136_Zone** - RFC 2136 DNS: Zone name (e.g., example.com) (Optional) 
+        * **Rfc2136_TsigKeyName** - RFC 2136 DNS: TSIG key name for authentication (Optional) 
+        * **Rfc2136_TsigKey** - RFC 2136 DNS: TSIG key (base64 encoded) for authentication (Optional) 
+        * **Rfc2136_TsigAlgorithm** - RFC 2136 DNS: TSIG algorithm (default hmac-sha256) (Optional) 
+        * **WindowsDns_Server** - Windows DNS: Server hostname (leave empty for local server) (Optional) 
+        * **WindowsDns_Zone** - Windows DNS: Zone name (e.g., test.local) (Optional) 
+        * **WindowsDns_Username** - Windows DNS: Username for remote server (domain\user format) (Optional) 
+        * **WindowsDns_Password** - Windows DNS: Password for remote server (Optional) 
 
 2. Define [Certificate Profiles](https://software.keyfactor.com/Guides/AnyCAGatewayREST/Content/AnyCAGatewayREST/AddCP-Gateway.htm) and [Certificate Templates](https://software.keyfactor.com/Guides/AnyCAGatewayREST/Content/AnyCAGatewayREST/AddCA-Gateway.htm) for the Certificate Authority as required. One Certificate Profile must be defined per Certificate Template. It's recommended that each Certificate Profile be named after the Product ID. The Acme plugin supports the following product IDs:
 
diff --git a/integration-manifest.json b/integration-manifest.json
@@ -35,7 +35,7 @@
                 },
                 {
                     "name": "DnsProvider",
-                    "description": "DNS Provider to use for ACME DNS-01 challenges (options Google, Cloudflare, AwsRoute53, Azure, Ns1)"
+                    "description": "DNS Provider to use for ACME DNS-01 challenges (options: Google, Cloudflare, AwsRoute53, Azure, Ns1, Rfc2136, WindowsDns)"
                 },
                 {
                     "name": "Google_ServiceAccountKeyPath",
@@ -76,6 +76,46 @@
                 {
                     "name": "Ns1_ApiKey",
                     "description": "Ns1 DNS: Api Key only if Using Ns1 DNS (Optional)"
+                },
+                {
+                    "name": "Rfc2136_Server",
+                    "description": "RFC 2136 DNS: Server hostname or IP address (Optional)"
+                },
+                {
+                    "name": "Rfc2136_Port",
+                    "description": "RFC 2136 DNS: Server port (default 53) (Optional)"
+                },
+                {
+                    "name": "Rfc2136_Zone",
+                    "description": "RFC 2136 DNS: Zone name (e.g., example.com) (Optional)"
+                },
+                {
+                    "name": "Rfc2136_TsigKeyName",
+                    "description": "RFC 2136 DNS: TSIG key name for authentication (Optional)"
+                },
+                {
+                    "name": "Rfc2136_TsigKey",
+                    "description": "RFC 2136 DNS: TSIG key (base64 encoded) for authentication (Optional)"
+                },
+                {
+                    "name": "Rfc2136_TsigAlgorithm",
+                    "description": "RFC 2136 DNS: TSIG algorithm (default hmac-sha256) (Optional)"
+                },
+                {
+                    "name": "WindowsDns_Server",
+                    "description": "Windows DNS: Server hostname (leave empty for local server) (Optional)"
+                },
+                {
+                    "name": "WindowsDns_Zone",
+                    "description": "Windows DNS: Zone name (e.g., test.local) (Optional)"
+                },
+                {
+                    "name": "WindowsDns_Username",
+                    "description": "Windows DNS: Username for remote server (domain\\user format) (Optional)"
+                },
+                {
+                    "name": "WindowsDns_Password",
+                    "description": "Windows DNS: Password for remote server (Optional)"
                 }
             ],
             "enrollment_config": [],
