Missing properties in cloudflare ini file

My domain is:
delmenhorstbulldogs.de

I ran this command:
certbot certonly --dns-cloudflare --dns-cloudflare-credentials /.secrets/certbot/cloudflare.ini -d *.tom-holscher.de -d *.squadofgods.de -d *.delmenhorstbulldogds.de

It produced this output:
Do you want to expand and replace this existing certificate with the new
certificate?


(E)xpand/(C)ancel: E
Renewing an existing certificate
Performing the following challenges:
dns-01 challenge for delmenhorstbulldogds.de
Cleaning up challenges
Missing properties in credentials configuration file /.secrets/certbot/cloudflare.ini:

  • Property "dns_cloudflare_email" not found (should be email address associated with Cloudflare account).
  • Property "dns_cloudflare_api_key" not found (should be API key for Cloudflare account, obtained from https://dash.cloudflare.com/profile/api-tokens).

My web server is (include version):
Apache
The operating system my web server runs on is (include version):
Ubunto 20.04

I can login to a root shell on my machine (yes or no, or I don't know):
yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 0.40.0

is my cersion to low, must i upgrade it, when yes, how?

Kind Regards, Tom

1 Like

Is the path to your ini file actually /.secrets/certbot/cloudflare.ini rather than something like ~/.secrets/certbot/cloudflare.ini or /home/tom/.secrets/certbot/cloudflare.ini?

3 Likes

the path to the file is /.secrets/certbot/cloudflare.ini

Is that path/file accessible [readable] to certbot ?
Does the file contain all the necessary fields?

2 Likes

i think its readable, i have made chmod 600 to the file.
there is the field dns_cloudflare_api_token in the file, but i dont use the api key and email, i have made it a few weeks ago with the global token and it worked, but not yet
when i add the fields to the file it says, that the key is wronk or like this, but i have copyied it from cloudflare. and i would to use the global api token because its better

i have tested a little bit, and tryed to use only the global key, but it doesnt work, he says
Missing properties in credentials configuration file /root/.secrets/cloudflare.ini:
* Property "dns_cloudflare_email" not found (should be email address associated with Cloudflare account).
* Property "dns_cloudflare_api_key" not found (should be API key for Cloudflare account, obtained from https://dash.cloudflare.com/profile/api-tokens).

why does i cant use only my global key?
i use certbot 0.40.0

1 Like

The docs page for the plugin makes it sound like limited scope tokens are only supported on newer versions of the module?

Using Cloudflare Tokens also requires at least version 2.3.1 of the cloudflare python module. If the version that automatically installed with this plugin is older than that, and you can’t upgrade it on your system, you’ll have to stick to the Global key.

Can you check what version is installed?

2 Likes

how can i see my cloudflare python mudles version?

1 Like

Try pip list to list the installed modules.

2 Likes

I dont use pip, i use apt and snap

1 Like

in my apt list i can find:
python3-cloudflare/focal,focal,now 2.1.0-1 all [installed,automatic]
and
python3-certbot-dns-cloudflare/focal,focal,now 0.39.0-1 all [installed]

and on snap i use:
certbot-dns-cloudflare 1.13.0 631 latest/stable certbot-eff✓ -

1 Like

It sounds very much like you have two different copies of Certbot installed and are running the older version.

The installation instructions for the Certbot snap suggest that you first remove the apt versions of your Certbot packages, which would prevent the older version being accidentally used.

In the meantime, you can try calling /snap/bin/certbot directly while using only dns_cloudflare_api_token, and it should work.

4 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.