Edit feature for certification to update the DNS settings

[lokeshkato]

Summary

Currently, the application lacks the ability to modify the DNS Provider configuration once an SSL certificate has been created. If a user’s DNS API key expires, is rotated for security, or needs to be corrected, there is no mechanism within the UI to update these credentials. This creates a significant bottleneck for maintaining automated renewals via DNS-01 challenges.

Technical Details

1. Backend: certificate.js – update() for LE DNS: merge meta, patch DB, then use same flow as create (disable hosts → requestLetsEncryptSslWithDnsChallenge → enable hosts + reload nginx), then refresh expires_on.
2. Frontend: "Edit DNS Settings" dropdown item for LE DNS certs.
3. Locales: All 22 locale JSON files (en, de, fr, etc.) updated with certificates.edit-dns-settings and certificates.dns.credentials-update.

Screenshots

Why this helps

• Efficiency: Eliminates the need to manually update dozens of Proxy Hosts just to change a single API string.
• Security: Encourages users to rotate their DNS API keys regularly, as the process would no longer be a destructive administrative task.
• User Experience: Aligns the SSL management workflow with the rest of the application (like Proxy Hosts, Streams, Redirection Hosts), where settings are expected to be editable rather than permanent.
• Reduced Downtime: Prevents certificates from expiring due to "unfixable" credential errors, ensuring services remain accessible and secure.

#5367

[jc21]

Code Review

Three frontend issues worth addressing before merge:

1. Credentials pre-fill contradicts the editMode comment

getInitialValues in DNSCertificateModal.tsx explicitly populates dnsProviderCredentials from the existing certificate object, but the comment added to DNSProviderFields.tsx says "credentials field is for new credentials only; existing credentials are never displayed." These are contradictory — pick one behaviour and align the code and comment. If the intent is to never show existing credentials (which the edit label "New Credentials File Content (replaces existing)" implies), the initial value should be "".

2. useEffect dependency fragility in DNSProviderFields

useEffect(() => {
  if (selectedOption && (v.meta?.dnsProviderCredentials ?? "") === "") {
    setFieldValue("meta.dnsProviderCredentials", selectedOption.credentials);
  }
}, [selectedOption, selectedOption?.credentials, v.meta?.dnsProviderCredentials, setFieldValue]);

selectedOption is derived inline via options.find(...) and gets a new object reference on every render. The guard condition prevents most problems, but in edit mode where credentials are pre-filled, if a user clears the field it could overwrite with the plugin template rather than leaving it blank. Using a stable ID (e.g. dnsProviderId) as the key dependency would be more reliable.

3. Modal indentation regression

The body of the EasyModal.create callback in DNSCertificateModal.tsx is indented at 8 spaces instead of the file's standard 4, introduced during the edit-mode refactor.

[jc21]

CI is currently failing because of missing examples in the swagger schema:

14:09:45  cypress-1  | results/swagger-schema.json:2859:33  ▲           media type is missing `examples` or `example`                               
14:09:45  cypress-1  | $.paths['/nginx/certificates/{certID}'].put.requestBody.content['application/json']
14:09:45  cypress-1  | rule: oas3-missing-example  category: Examples
14:09:45  cypress-1  | 
14:09:45  cypress-1  | results/swagger-schema.json:2864:19  ▲           media type schema property `meta` is missing `examples` or `example`        
14:09:45  cypress-1  | $.paths['/nginx/certificates/{certID}'].put.requestBody.content['application/json'].schema.properties['meta']
14:09:45  cypress-1  | rule: oas3-missing-example  category: Examples