letsencrypt DNS

cert.sh

# Renew every certificate that is due, answering the DNS-01 challenge through
# the manual plugin: cert_dns.sh publishes the TXT record and cert_deploy.sh
# runs after a certificate has actually been renewed.
#
# NOTE(review): both hooks are named without a directory, so they are looked
# up through the PATH of whatever runs this script (cron, systemd timer, ...).
# Absolute paths to root-owned, non-writable files avoid depending on that PATH.
# NOTE(review): no --manual-cleanup-hook is set, so the challenge TXT record
# stays in the zone until cert_dns.sh replaces it at the next renewal.
# NOTE(review): --manual-public-ip-logging-ok is, as far as I know, deprecated
# in newer certbot releases; check it against the installed version.
certbot renew \
  --quiet \
  --manual \
  --preferred-challenges dns \
  --manual-public-ip-logging-ok \
  --manual-auth-hook cert_dns.sh \
  --deploy-hook cert_deploy.sh

cert_dns.sh

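# certbot --manual-auth-hook: publish the DNS-01 challenge TXT record by
# running nsupdate on the name server host over ssh.
#
# Environment:
#   DNS                 ssh destination of the host that runs the name server
#   CERTBOT_DOMAIN      domain being validated (exported by certbot)
#   CERTBOT_VALIDATION  challenge value for the TXT record (exported by certbot)
# Exit status: non-zero when a variable is missing or ssh/nsupdate fails.

# Fail early instead of sending a malformed update to the zone.
: "${DNS:?DNS must be set to the ssh destination of the name server}"
: "${CERTBOT_DOMAIN:?CERTBOT_DOMAIN is not set (run this as a certbot hook)}"
: "${CERTBOT_VALIDATION:?CERTBOT_VALIDATION is not set (run this as a certbot hook)}"

# The update commands go to nsupdate on stdin. Anything placed on the ssh
# command line is re-parsed by the remote login shell, so keeping the domain
# and the challenge value out of it means they are only ever treated as data.
# This also removes the need for a remote shell with process substitution.
#
# NOTE(review): "update delete" removes every TXT record at the challenge
# name. If one certificate covers both a name and its wildcard, the second
# hook call would drop the first value - confirm this cannot happen here.
# NOTE(review): restricting the ssh key on the DNS host to a forced nsupdate
# command would limit what a compromise of this host can do there.
ssh "$DNS" nsupdate <<EOF || exit
server 127.0.0.1
update delete _acme-challenge.$CERTBOT_DOMAIN.
update add _acme-challenge.$CERTBOT_DOMAIN. 3600 TXT $CERTBOT_VALIDATION
send
quit
EOF

# Fixed pause before certbot asks the CA to validate; presumably long enough
# for the record to reach every authoritative server - confirm for this zone.
sleep 10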

See letsencrypt for other options.