efficientip: add insecure skip verify option (#2052)

Co-authored-by: Fernandez Ludovic <ldez@users.noreply.github.com>
2025-10-31 16:37:41 +02:00 · 2023-11-12 21:29:57 +01:00
parent 5af3c6c042
commit 7186ebb6f1
4 changed files with 13 additions and 0 deletions
--- a/cmd/zz_gen_cmd_dnshelp.go
+++ b/cmd/zz_gen_cmd_dnshelp.go
@@ -964,6 +964,7 @@ func displayDNSHelp(w io.Writer, name string) error {

 		ew.writeln(`Additional Configuration:`)
 		ew.writeln(`	- "EFFICIENTIP_HTTP_TIMEOUT":	API request timeout`)
+		ew.writeln(`	- "EFFICIENTIP_INSECURE_SKIP_VERIFY":	Whether or not to verify EfficientIP API certificate`)
 		ew.writeln(`	- "EFFICIENTIP_POLLING_INTERVAL":	Time between DNS propagation check`)
 		ew.writeln(`	- "EFFICIENTIP_PROPAGATION_TIMEOUT":	Maximum waiting time for DNS propagation`)
 		ew.writeln(`	- "EFFICIENTIP_TTL":	The TTL of the TXT record used for the DNS challenge`)
--- a/docs/content/dns/zz_gen_efficientip.md
+++ b/docs/content/dns/zz_gen_efficientip.md
@@ -54,6 +54,7 @@ More information [here]({{< ref "dns#configuration-and-credentials" >}}).
 | Environment Variable Name | Description |
 |--------------------------------|-------------|
 | `EFFICIENTIP_HTTP_TIMEOUT` | API request timeout |
+| `EFFICIENTIP_INSECURE_SKIP_VERIFY` | Whether or not to verify EfficientIP API certificate |
 | `EFFICIENTIP_POLLING_INTERVAL` | Time between DNS propagation check |
 | `EFFICIENTIP_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
 | `EFFICIENTIP_TTL` | The TTL of the TXT record used for the DNS challenge |
--- a/providers/dns/efficientip/efficientip.go
+++ b/providers/dns/efficientip/efficientip.go
@@ -3,6 +3,7 @@ package efficientip

 import (
 	"context"
+	"crypto/tls"
 	"errors"
 	"fmt"
 	"net/http"
@@ -26,6 +27,7 @@ const (
 	EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT"
 	EnvPollingInterval    = envNamespace + "POLLING_INTERVAL"
 	EnvHTTPTimeout        = envNamespace + "HTTP_TIMEOUT"
+	EnvInsecureSkipVerify = envNamespace + "INSECURE_SKIP_VERIFY"
 )

 // Config is used to configure the creation of the DNSProvider.
@@ -35,6 +37,7 @@ type Config struct {
 	Hostname           string
 	DNSName            string
 	ViewName           string
+	InsecureSkipVerify bool
 	PropagationTimeout time.Duration
 	PollingInterval    time.Duration
 	HTTPClient         *http.Client
@@ -71,6 +74,7 @@ func NewDNSProvider() (*DNSProvider, error) {
 	config.Hostname = values[EnvHostname]
 	config.DNSName = values[EnvDNSName]
 	config.ViewName = env.GetOrDefaultString(EnvViewName, "")
+	config.InsecureSkipVerify = env.GetOrDefaultBool(EnvInsecureSkipVerify, false)

 	return NewDNSProviderConfig(config)
 }
@@ -100,6 +104,12 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 		client.HTTPClient = config.HTTPClient
 	}

+	if config.InsecureSkipVerify {
+		client.HTTPClient.Transport = &http.Transport{
+			TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+		}
+	}
+
 	return &DNSProvider{config: config, client: client}, nil
 }

--- a/providers/dns/efficientip/efficientip.toml
+++ b/providers/dns/efficientip/efficientip.toml
@@ -19,6 +19,7 @@ lego --email you@example.com --dns efficientip --domains my.example.org run
    EFFICIENTIP_HOSTNAME = "Hostname (ex: foo.example.com)"
    EFFICIENTIP_DNS_NAME = "DNS name (ex: dns.smart)"
  [Configuration.Additional]
+    EFFICIENTIP_INSECURE_SKIP_VERIFY = "Whether or not to verify EfficientIP API certificate"
    EFFICIENTIP_VIEW_NAME = "View name (ex: external)"
    EFFICIENTIP_POLLING_INTERVAL = "Time between DNS propagation check"
    EFFICIENTIP_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"