KeyError: 'code' on generate domain with punycode -> 🇪🇨.cf

My domain is:

I ran this command:
certbot certonly --dns-cloudflare --dns-cloudflare-credentials /run/secrets/api_cloudflare_secret -d xn–g77h --preferred-challenges dns-01

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator dns-cloudflare, Installer None
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for xn–
Unsafe permissions on credentials configuration file: /run/secrets/api_cloudflare_secret
Cleaning up challenges
An unexpected error occurred:
KeyError: ‘code’
Please see the logfiles in /var/log/letsencrypt for more details.

My web server is (include version):

The operating system my web server runs on is (include version):
Linux Mint 19, I am running in a Certbot (with cloudflare) docker image

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 1.3.0

This is what I found in log files
File “/opt/certbot/src/certbot-dns-cloudflare/certbot_dns_cloudflare/_internal/”, line 116, in add_txt_record, data=data) # zones | pylint: disable=no-member
File “/usr/local/lib/python3.8/site-packages/CloudFlare/”, line 636, in post
return self._base.call_with_auth(‘POST’, self._parts,
File “/usr/local/lib/python3.8/site-packages/CloudFlare/”, line 80, in call_with_auth
return self._call(method, headers, parts,
File “/usr/local/lib/python3.8/site-packages/CloudFlare/”, line 455, in _call
code = errors[‘code’]
KeyError: ‘code’
2020-07-20 04:27:16,829:ERROR:certbot._internal.log:An unexpected error occurred:

It’s not the punycode that is the problem, but .cf.

Cloudflare killed off the ability to use the DNS API if you’re on the Free plan and using one of the Freenom TLDs. See Nothing Certbot can do.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.