We have been trying to renew certs via certbot and cloudflare DNS. Although command-line execution works fine, when we run certbot using a command file for the cert, we get the error:
Input the path to your Cloudflare credentials INI file
All config files are in place and contain the proper variables.
Any ideas???
/etc/letsencrypt/renewal/myserver.mydomain.com.conf
[renewalparams]
authenticator = dns-cloudflare
dns-cloudflare-credentials = /etc/letsencrypt/cloudflare.ini
dns-cloudflare-propagation-seconds = 60
preferred-challenges=dns
account = ****************************
server = https://acme-v02.api.letsencrypt.org/directory
/etc/letsencrypt/cloudflare.ini
dns_cloudflare_email = test@test.com
dns_cloudflare_api_key = ***************************************
conf file processing output
Processing /etc/letsencrypt/renewal/myserver.mydomain.com.conf
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator dns-cloudflare, Installer None
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
Renewing an existing certificate
Performing the following challenges:
dns-01 challenge for myserver.mydomain.com
Cleaning up challenges
Attempting to renew cert (myserver.mydomain.com) from /etc/letsencrypt/renewal/myserver.mydomain.com.conf produced an unexpected error: Missing command line flag or config entry for this setting:
Input the path to your Cloudflare credentials INI file. Skipping.
My operating system is (include version):
Centos 7
Certbot version:
0.31.0
I installed Certbot with (certbot-auto, OS package manager, pip, etc):
yum
I ran this command and it produced this output:
certbot renew --dry-run
Certbot’s behavior differed from what I expected because:
Configuration file provided but reported not found when configuration file is processed
Here is a Certbot log showing the issue (if available):
Logs are stored in /var/log/letsencrypt
by default. Feel free to redact domains, e-mail and IP addresses as you see fit.
2019-03-05 18:11:14,084:WARNING:certbot.renewal:Attempting to renew cert (myserver.mydomain.com) from /etc/letsencrypt/renewal/myserver.mydomain.com.conf produced an unexpected error: Missing command line flag or config entry for this setting:
Input the path to your Cloudflare credentials INI file. Skipping.
2019-03-05 18:11:14,085:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
File “/usr/lib/python2.7/site-packages/certbot/renewal.py”, line 452, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File “/usr/lib/python2.7/site-packages/certbot/main.py”, line 1193, in renew_cert
renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage)
File “/usr/lib/python2.7/site-packages/certbot/main.py”, line 116, in _get_and_save_cert
renewal.renew_cert(config, domains, le_client, lineage)
File “/usr/lib/python2.7/site-packages/certbot/renewal.py”, line 310, in renew_cert
new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
File “/usr/lib/python2.7/site-packages/certbot/client.py”, line 353, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File “/usr/lib/python2.7/site-packages/certbot/client.py”, line 389, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File “/usr/lib/python2.7/site-packages/certbot/auth_handler.py”, line 75, in handle_authorizations
resp = self._solve_challenges(aauthzrs)
File “/usr/lib/python2.7/site-packages/certbot/auth_handler.py”, line 139, in _solve_challenges
resp = self.auth.perform(all_achalls)
File “/usr/lib/python2.7/site-packages/certbot/plugins/dns_common.py”, line 47, in perform
self._setup_credentials()
File “/usr/lib/python2.7/site-packages/certbot_dns_cloudflare/dns_cloudflare.py”, line 47, in _setup_credentials
‘api-key’: ‘API key for Cloudflare account, obtained from {0}’.format(ACCOUNT_URL)
File “/usr/lib/python2.7/site-packages/certbot/plugins/dns_common.py”, line 168, in _configure_credentials
self._configure_file(key, label, __validator)
File “/usr/lib/python2.7/site-packages/certbot/plugins/dns_common.py”, line 138, in _configure_file
new_value = self._prompt_for_file(label, validator)
File “/usr/lib/python2.7/site-packages/certbot/plugins/dns_common.py”, line 230, in _prompt_for_file
force_interactive=True)
File “/usr/lib/python2.7/site-packages/certbot/display/ops.py”, line 372, in validated_directory
validator, *args, **kwargs)
File “/usr/lib/python2.7/site-packages/certbot/display/ops.py”, line 329, in _get_validated
code, raw = method(message, default=default, **kwargs)
File “/usr/lib/python2.7/site-packages/certbot/display/util.py”, line 583, in directory_select
return self.input(message, default, cli_flag)
File “/usr/lib/python2.7/site-packages/certbot/display/util.py”, line 524, in input
self._interaction_fail(message, cli_flag)
File “/usr/lib/python2.7/site-packages/certbot/display/util.py”, line 469, in _interaction_fail
raise errors.MissingCommandlineFlag(msg)
MissingCommandlineFlag: Missing command line flag or config entry for this setting:
Input the path to your Cloudflare credentials INI file