Integration of DNS Connectors

The DNS Connector feature in CERTInext enables integration with external DNS providers for automated DNS-based domain validation workflows. DNS connectors are primarily used to automate DNS-01 ACME challenge validation during certificate issuance, renewal, and lifecycle operations.

By integrating DNS providers directly with CERTInext, organizations can eliminate manual DNS record creation and accelerate certificate provisioning processes.

Supported DNS providers include:

  • Cloudflare

  • AWS Route 53

  • Microsoft Azure DNS

DNS connector integration is especially useful for:

  • Wildcard certificate issuance

  • Automated ACME workflows

  • Public CA domain validation

  • Large-scale certificate automation

  • Multi-domain certificate management

Accessing DNS Connectors

To configure a DNS connector:

  1. Navigate to Integrations → DNS Connectors

  2. Click Create DNS Connector

This opens the DNS connector configuration page where provider-specific authentication and DNS zone details are configured.

Supported DNS Providers

CERTInext currently supports the following DNS providers:

| Provider | Supported Use Cases |
| --- | --- |
| Cloudflare | DNS automation using Cloudflare APIs |
| AWS Route 53 | AWS-hosted DNS validation and automation |
| Azure DNS | Microsoft Azure DNS automation workflows |


Cloudflare DNS Connector

The Cloudflare connector enables CERTInext to create and manage DNS TXT records automatically for domain validation workflows.

Configuration Fields

Name

Defines a unique connector name.

Example:

Provider Type

Select:

API Token

Defines the Cloudflare API token used for DNS automation.

The token must have permissions for:

  • Zone Read

  • DNS Edit

This token is securely stored within CERTInext.

Zone ID

Defines the Cloudflare Zone ID associated with the domain.

Example:

The Zone ID can be obtained from the Cloudflare dashboard.

AWS Route 53 DNS Connector

The Route 53 connector enables CERTInext to automate DNS validation using AWS-hosted DNS zones.

Configuration Fields

Name

Defines the connector name.

Example:

Provider Type

Select:

AWS Access Key ID

Defines the AWS IAM Access Key ID used for API authentication.

The IAM user should have Route 53 DNS management permissions.

AWS Secret Access Key

Defines the AWS Secret Access Key associated with the IAM user.

This credential is securely stored within CERTInext.

Hosted Zone ID

Defines the AWS Route 53 Hosted Zone ID.

Example:

The Hosted Zone ID identifies the DNS zone where TXT validation records will be created.

Azure DNS Connector

The Azure DNS connector enables CERTInext to automate DNS validation using Microsoft Azure DNS services.

Configuration Fields

Name

Defines the connector name.

Example:

Provider Type

Select:

Tenant ID

Defines the Microsoft Entra ID (Azure AD) tenant identifier.

Example:

Client ID

Defines the Azure application Client ID used for API authentication.

Client Secret

Defines the Client Secret associated with the Azure application.

This credential is securely stored within CERTInext.

Subscription ID

Defines the Azure subscription associated with the DNS zone.

Resource Group

Defines the Azure Resource Group where the DNS zone exists.

Example:

Zone Name

Defines the Azure DNS zone name.

Example:

Saving the DNS Connector

After entering the required provider details:

  1. Click Save

  2. CERTInext validates:

    • Provider configuration

    • Authentication credentials

    • DNS zone accessibility

    • API communication availability

Once validation succeeds, the connector becomes available for automated DNS validation workflows.

DNS Automation Workflow

Once configured, CERTInext can automatically:

  • Create DNS TXT validation records

  • Validate ACME DNS-01 challenges

  • Remove temporary validation records

  • Support wildcard certificate issuance

  • Automate certificate renewals

  • Reduce manual DNS operations

Typical automation flow:

Supported Certificate Operations

DNS connectors support:

  • Wildcard certificate issuance

  • ACME challenge automation

  • Domain ownership validation

  • Automated certificate renewals

  • Public CA integrations

  • Large-scale certificate provisioning workflows
