Let's Encrypt stopped working in my Home Assistant

I run Home Assistant, with the Let's Encrypt addon configured to us a DNS challenge with Cloud Flare on my domain. It has been running for over a year now and working fine. But I just got an email telling me my certificate was expiring and that I needed to renew it. When I tried to start the Let's Encrypt addon in Home Assistant, I get the following in my log:

s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
cont-init: info: running /etc/cont-init.d/file-structure.sh
cont-init: info: /etc/cont-init.d/file-structure.sh exited 0
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun lets-encrypt (no readiness notification)
s6-rc: info: service legacy-services successfully started
[17:17:07] INFO: Selected DNS Provider: dns-cloudflare
[17:17:07] INFO: Use propagation seconds: 60
[17:17:08] INFO: Use CloudFlare token
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Renewing an existing certificate for sm13.link
Error determining zone_id: 6003 Invalid request headers. Please confirm that you have supplied valid Cloudflare API credentials. (Did you copy your entire API token/key? To use Cloudflare tokens, you'll need the python package cloudflare>=2.3.1. This certbot is running cloudflare 2.11.1)
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped

I have rechecked the APIU token and it is still the same and is still correct in my Home Assistant configuration. Can anyone help me solve this issue?

Thanks,
Mike

Hi @ae8u, and welcome to the LE community forum

There is an unrenewed cert seen that will expire Feb 2nd.
crt.sh | sm13.link

Did you read that error message?
Did you take any corrective action?

Home Assistant also has its own community forum here https://community.home-assistant.io/

Thanks RG305,

Yes I did read the error message. As I stated in my post I did check the API token and it is correct, I did check the API token and it is correct, unchanged, and has been working for over a year (as is my email). I was not clear what the comment about the Python package is telling me. Is it stating that I need to roll back my Python package. If so, why and how did it get updated from 2.3.1 to 2.11.1 when it should not have been?

Here are a couple of links that might be helpful.

Thanks Bruce 5051,

I have already installed and configured Let's Encrypt in Home Assistant exactly as the link you listed above. And it has been running fine and has renewed the certificate several times since I installed it. I just ran command "sudo pip install cloudflare" and it completed successfully, stating that it

was already at 2.11.1 but ran and completed anyway. I tried again and still get the same error. Since the error is saying Cloudflare python needs to be 2.3.1 or higher, doesn't that mean 2.11.1 is OK?

That depends on how version numbering is working for that component.
Sometime I see 2.3.1 is greater than 2.11.1, sometime not.
I guess you could try just using 2.3.1, back up before trying.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.