Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: wiki.labor-habermehl.de
I ran this command: certbot --config /etc/letsencrypt.ini --work-dir /tmp/letsencrypt-lib --logs-dir /tmp/letsencrypt-log --cert-name npm-32 --agree-tos --email chris@ueba3ba.de --domains wiki.labor-habermehl.de --authenticator dns-ionos --dns-ionos-credentials /etc/letsencrypt/credentials/credentials-32
It produced this output:2024-10-01 09:58:25,695:DEBUG:certbot._internal.main:certbot version: 2.11.0
2024-10-01 09:58:25,696:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2024-10-01 09:58:25,696:DEBUG:certbot._internal.main:Arguments: ['--config', '/etc/letsencrypt.ini', '--work-dir', '/tmp/letsencrypt-lib', '--logs-dir', '/tmp/letsencrypt-log', '--cert-name', 'npm-32', '--agree-tos', '--email', 'chris@ueba3ba.de', '--domains', 'wiki.labor-habermehl.de', '--authenticator', 'dns-ionos', '--dns-ionos-credentials', '/etc/letsencrypt/credentials/credentials-32']
2024-10-01 09:58:25,696:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#dns-ionos,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2024-10-01 09:58:25,709:DEBUG:certbot._internal.log:Root logging level set at 30
2024-10-01 09:58:25,710:DEBUG:certbot._internal.plugins.selection:Requested authenticator dns-ionos and installer None
2024-10-01 09:58:25,710:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * dns-ionos
Description: Obtain certificates using a DNS TXT record (if you are using IONOS for DNS).
Interfaces: Authenticator, Plugin
Entry point: EntryPoint(name='dns-ionos', value='certbot_dns_ionos.dns_ionos:Authenticator', group='certbot.plugins')
Initialized: <certbot_dns_ionos.dns_ionos.Authenticator object at 0x7fc783dd2a90>
Prep: True
2024-10-01 09:58:25,710:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_dns_ionos.dns_ionos.Authenticator object at 0x7fc783dd2a90> and installer None
2024-10-01 09:58:25,710:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator dns-ionos, Installer None
2024-10-01 09:58:25,758:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/1186170437', new_authzr_uri=None, terms_of_service=None), 62fa970a6ab5b5ad6cf1fd18bee7c3be, Meta(creation_dt=datetime.datetime(2023, 7, 2, 0, 51, 29, tzinfo=), creation_host='de8e78ee0e4e', register_to_eff=None))>
2024-10-01 09:58:25,759:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2024-10-01 09:58:25,761:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2024-10-01 09:58:26,194:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 746
2024-10-01 09:58:26,195:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 01 Oct 2024 07:58:26 GMT
Content-Type: application/json
Content-Length: 746
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"8Wcv8W_VlYs": "Adding random entries to the directory",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-03/renewalInfo",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2024-10-01 09:58:26,196:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for wiki.labor-habermehl.de
2024-10-01 09:58:26,202:DEBUG:acme.client:Requesting fresh nonce
2024-10-01 09:58:26,202:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2024-10-01 09:58:26,338:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2024-10-01 09:58:26,339:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 01 Oct 2024 07:58:26 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: PqaU5B9Mec_Mg2x-5AboDtn4-b1IdPzINC6T0AxPs5fE8oTH67U
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
2024-10-01 09:58:26,339:DEBUG:acme.client:Storing nonce: PqaU5B9Mec_Mg2x-5AboDtn4-b1IdPzINC6T0AxPs5fE8oTH67U
2024-10-01 09:58:26,340:DEBUG:acme.client:JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "wiki.labor-habermehl.de"\n }\n ]\n}'
2024-10-01 09:58:26,343:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTE4NjE3MDQzNyIsICJub25jZSI6ICJQcWFVNUI5TWVjX01nMngtNUFib0R0bjQtYjFJZFB6SU5DNlQwQXhQczVmRThvVEg2N1UiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9",
"signature": "mumNFxUFMKZrqal82Xg3jt2qAkDjq3RhAaQB5Yxo8vKI8_l-Cslwne9ifTRxGJqqHvSdfUdYXUiBbkyic7vlU2ZUINBXiQYyu5nhPIN4cYv627I4VoPSRKeIgLwSp0VjHMZTPkxf-tYfDigS2wYIC3PKMUZ6Wy4SOsbYFhl-BQHN16JUB1uZOQn1-qaVW3gzNu09iv3P2NIOXMjoZjL23c6Q3p0g76s1Leni3aL2bv7IldMzEEOPv8rI_I_49EStaZtXvOk32OU3XMmu0K6mtp8do2IwS4RTDyNzUaKIYm7fXQxC82Z3swWRBAv5owxzboOmqu3dGPFxtmudRPkQjg",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndpa2kubGFib3ItaGFiZXJtZWhsLmRlIgogICAgfQogIF0KfQ"
}
2024-10-01 09:58:26,523:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 349
2024-10-01 09:58:26,524:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Tue, 01 Oct 2024 07:58:26 GMT
Content-Type: application/json
Content-Length: 349
Connection: keep-alive
Boulder-Requester: 1186170437
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/1186170437/309761701677
Replay-Nonce: A3ydJM1FLjUM8NShq-YlhZg62AEfb9W5PhK_ilINftl5vGbM3kE
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"status": "pending",
"expires": "2024-10-08T07:14:14Z",
"identifiers": [
{
"type": "dns",
"value": "wiki.labor-habermehl.de"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/410401051317"
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/1186170437/309761701677"
}
2024-10-01 09:58:26,525:DEBUG:acme.client:Storing nonce: A3ydJM1FLjUM8NShq-YlhZg62AEfb9W5PhK_ilINftl5vGbM3kE
2024-10-01 09:58:26,525:DEBUG:acme.client:JWS payload:
b''
2024-10-01 09:58:26,528:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/410401051317:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTE4NjE3MDQzNyIsICJub25jZSI6ICJBM3lkSk0xRkxqVU04TlNocS1ZbGhaZzYyQUVmYjlXNVBoS19pbElOZnRsNXZHYk0za0UiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzQxMDQwMTA1MTMxNyJ9",
"signature": "hR5ncgHORN3ArSoWKmKRjRGsmA1MWe2miAiNTbMiJXeLQJ4PpJretCM6qLrBPSAlHQJwCE4FfonHNTs2Xy8j4VESBX1iwNpDfj47bxe7DftOeX24sB82AW54v7nQBL7F880pkAfGjfJzTIE_h8C-0gAtOZtTICKrpqto2_9l99kwK95GEBhuOyR55OGPmayi4HJsPnE8J7U3Jx0PsdbkZOnMgq7_TIYVTY6dEiB6lWD9NqaJVmsZausRwuw8vtMQRK2X9MQzryC6X7mfS5V8ImD4DrFSD4RSuEYvGrqjImvdzuuxk7blxkbLG1OZiKIq3cMI_tlktTTX8Rx8Gmz9Fg",
"payload": ""
}
2024-10-01 09:58:26,678:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/410401051317 HTTP/1.1" 200 807
2024-10-01 09:58:26,679:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 01 Oct 2024 07:58:26 GMT
Content-Type: application/json
Content-Length: 807
Connection: keep-alive
Boulder-Requester: 1186170437
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: A3ydJM1Fy3qqE7TIhc_aqvNFyuqaLMQ93X_WwqbY92ZE0YIw1aw
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "wiki.labor-habermehl.de"
},
"status": "pending",
"expires": "2024-10-08T07:14:14Z",
"challenges": [
{
"type": "tls-alpn-01",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/410401051317/MvRcRw",
"status": "pending",
"token": "g_UL6UPKNU0Fkv0s8iJp_i_pB_XB-Lyh0fY1CCXARgE"
},
{
"type": "dns-01",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/410401051317/sPrykA",
"status": "pending",
"token": "g_UL6UPKNU0Fkv0s8iJp_i_pB_XB-Lyh0fY1CCXARgE"
},
{
"type": "http-01",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/410401051317/dFwOmA",
"status": "pending",
"token": "g_UL6UPKNU0Fkv0s8iJp_i_pB_XB-Lyh0fY1CCXARgE"
}
]
}
2024-10-01 09:58:26,679:DEBUG:acme.client:Storing nonce: A3ydJM1Fy3qqE7TIhc_aqvNFyuqaLMQ93X_WwqbY92ZE0YIw1aw
2024-10-01 09:58:26,680:INFO:certbot._internal.auth_handler:Performing the following challenges:
2024-10-01 09:58:26,681:INFO:certbot._internal.auth_handler:dns-01 challenge for wiki.labor-habermehl.de
2024-10-01 09:58:26,682:DEBUG:certbot_dns_ionos.dns_ionos:_perform called with: domain: wiki.labor-habermehl.de, validation_name: _acme-challenge.wiki.labor-habermehl.de, validation: OKkoadfLe1U3OM_3605WpOhVdTDjxMGHVkFEyYtLDxs
2024-10-01 09:58:26,683:DEBUG:certbot_dns_ionos.dns_ionos:creating ionosclient
2024-10-01 09:58:26,683:DEBUG:certbot_dns_ionos.dns_ionos:get zones
2024-10-01 09:58:26,684:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): api.hosting.ionos.com:443
2024-10-01 09:58:26,847:DEBUG:urllib3.connectionpool:https://api.hosting.ionos.com:443 "GET /dns/v1/zones HTTP/1.1" 401 41
2024-10-01 09:58:26,847:DEBUG:certbot_dns_ionos.dns_ionos:API request to URL: https://api.hosting.ionos.com/dns/v1/zones
2024-10-01 09:58:26,849:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/auth_handler.py", line 88, in handle_authorizations
resps = self.auth.perform(achalls)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/plugins/dns_common.py", line 76, in perform
self._perform(domain, validation_domain_name, validation)
File "/opt/certbot/lib/python3.11/site-packages/certbot_dns_ionos/dns_ionos.py", line 52, in _perform
self._get_ionos_client().add_txt_record(
File "/opt/certbot/lib/python3.11/site-packages/certbot_dns_ionos/dns_ionos.py", line 153, in add_txt_record
zone_id, zone_name = self._find_managed_zone_id(domain)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot_dns_ionos/dns_ionos.py", line 90, in _find_managed_zone_id
zones = self._api_request(type='get', action="/dns/v1/zones")
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot_dns_ionos/dns_ionos.py", line 125, in _api_request
content = json.loads(resp.content)[0] # on error content is array with 1 element
~~~~~~~~~~~~~~~~~~~~~~~~^^^
KeyError: 0
2024-10-01 09:58:26,849:DEBUG:certbot._internal.error_handler:Calling registered functions
2024-10-01 09:58:26,849:INFO:certbot._internal.auth_handler:Cleaning up challenges
2024-10-01 09:58:26,849:DEBUG:certbot_dns_ionos.dns_ionos:creating ionosclient
2024-10-01 09:58:26,849:DEBUG:certbot_dns_ionos.dns_ionos:get zones
2024-10-01 09:58:26,850:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): api.hosting.ionos.com:443
2024-10-01 09:58:27,046:DEBUG:urllib3.connectionpool:https://api.hosting.ionos.com:443 "GET /dns/v1/zones HTTP/1.1" 401 41
2024-10-01 09:58:27,047:DEBUG:certbot_dns_ionos.dns_ionos:API request to URL: https://api.hosting.ionos.com/dns/v1/zones
2024-10-01 09:58:27,047:ERROR:certbot._internal.error_handler:Encountered exception during recovery: KeyError: 0
2024-10-01 09:58:27,048:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 8, in
sys.exit(main())
^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/main.py", line 19, in main
return internal_main.main(cli_args)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 1894, in main
return config.func(config, plugins)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 1600, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 143, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/client.py", line 517, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/client.py", line 428, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/client.py", line 496, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/auth_handler.py", line 88, in handle_authorizations
resps = self.auth.perform(achalls)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/plugins/dns_common.py", line 76, in perform
self._perform(domain, validation_domain_name, validation)
File "/opt/certbot/lib/python3.11/site-packages/certbot_dns_ionos/dns_ionos.py", line 52, in _perform
self._get_ionos_client().add_txt_record(
File "/opt/certbot/lib/python3.11/site-packages/certbot_dns_ionos/dns_ionos.py", line 153, in add_txt_record
zone_id, zone_name = self._find_managed_zone_id(domain)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot_dns_ionos/dns_ionos.py", line 90, in _find_managed_zone_id
zones = self._api_request(type='get', action="/dns/v1/zones")
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot_dns_ionos/dns_ionos.py", line 125, in _api_request
content = json.loads(resp.content)[0] # on error content is array with 1 element
~~~~~~~~~~~~~~~~~~~~~~~~^^^
KeyError: 0
2024-10-01 09:58:27,051:ERROR:certbot._internal.log:An unexpected error occurred:
2024-10-01 09:58:27,051:ERROR:certbot._internal.log:KeyError: 0
My web server is (include version):
The operating system my web server runs on is (include version): Ubuntu 22.04.4 (GNU/Linux 5.15.0-102-generic x86_64)
Docker version 24.0.7, build 24.0.7-0ubuntu2~22.04.1
My hosting provider, if applicable, is: Ionos
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):