Internal class delegating to a module, and displaying warnings when attributes related to TLS-SNI-01 are accessed.


ArgumentParser options namespace (prefix of all options).


ArgumentParser dest namespace (prefix of all destinations).

class certbot.plugins.common.Plugin(config, name)[source]

Bases: object

Generic plugin.

classmethod add_parser_arguments(add)[source]

Add plugin arguments to the CLI argument parser.

NOTE: If some of your flags interact with others, you can use cli.report_config_interaction to register this to ensure values are correctly saved/overridable during renewal.

Parameters:add (callable) – Function that proxies calls to argparse.ArgumentParser.add_argument prepending options with unique plugin name prefix.
classmethod inject_parser_options(parser, name)[source]

Inject parser options.

See inject_parser_options for docs.


ArgumentParser options namespace (prefix of all options).


Option name (include plugin namespace).


ArgumentParser dest namespace (prefix of all destinations).


Find a destination for given variable var.


Find a configuration value for variable var.

class certbot.plugins.common.Installer(*args, **kwargs)[source]

Bases: certbot.plugins.common.Plugin

An installer base class with reverter and ssl_dhparam methods defined.

Installer plugins do not have to inherit from this class.

add_to_checkpoint(save_files, save_notes, temporary=False)[source]

Add files to a checkpoint.

  • save_files (set) – set of filepaths to save
  • save_notes (str) – notes about changes during the save
  • temporary (bool) – True if the files should be added to a temporary checkpoint rather than a permanent one. This is usually used for changes that will soon be reverted.

errors.PluginError – when unable to add to checkpoint


Timestamp and save changes made through the reverter.

Parameters:title (str) – Title describing checkpoint
Raises:errors.PluginError – when an error occurs

Revert all previously modified files.

Reverts all modified files that have not been saved as a checkpoint

Raises:errors.PluginError – If unable to recover the configuration

Rollback temporary checkpoint.

Raises:errors.PluginError – when unable to revert config

Rollback saved checkpoints.

Parameters:rollback (int) – Number of checkpoints to revert
Raises:errors.PluginError – If there is a problem with the input or the function is unable to correctly revert the configuration

Full absolute path to ssl_dhparams file.


Full absolute path to digest of updated ssl_dhparams file.


Copy Certbot’s ssl_dhparams file into the system’s config dir if required.

class certbot.plugins.common.Addr(tup, ipv6=False)[source]

Bases: object

Represents an virtual host address.

  • addr (str) – addr part of vhost address
  • port (str) – port number or *, or “”
classmethod fromstring(str_addr)[source]

Initialize Addr from string.


Normalized representation of addr/port tuple


Return addr part of Addr object.


Return port.


Return new address object with same addr and new port.


Return IPv6 address in normalized form, helper function


Return IPv6 in normalized form


Explode IPv6 address for comparison

class certbot.plugins.common.ChallengePerformer(configurator)[source]

Bases: object

Abstract base for challenge performers.

  • configurator – Authenticator and installer plugin
  • achalls (list of KeyAuthorizationAnnotatedChallenge) – Annotated challenges
  • indices (list of int) – Holds the indices of challenges from a larger array so the user of the class doesn’t have to.
add_chall(achall, idx=None)[source]

Store challenge to be performed when perform() is called.


Perform all added challenges.

Returns:challenge responses
Return type:list of acme.challenges.KeyAuthorizationChallengeResponse
certbot.plugins.common.install_version_controlled_file(dest_path, digest_path, src_path, all_hashes)[source]

Copy a file into an active location (likely the system’s config dir) if required.

  • dest_path (str) – destination path for version controlled file
  • digest_path (str) – path to save a digest of the file in
  • src_path (str) – path to version controlled file found in distribution
  • all_hashes (list) – hashes of every released version of the file
certbot.plugins.common.dir_setup(test_dir, pkg)[source]

Setup the directories necessary for the configurator.

class certbot.plugins.common._TLSSNI01DeprecationModule(module)[source]

Bases: object

Internal class delegating to a module, and displaying warnings when attributes related to TLS-SNI-01 are accessed.