Hi folks - I previously had Let's Encrypt working but made the mistake of updating about thirty packages at once, so now things are broken and I'm not sure what to roll back. I only figured this out because of a very helpful "your cert is expiring" reminder email from LE.
My base domain (66c.dev) is hosted on Google Domains. The _acme-challenge subdomain is CNAMED to _acme-challenge.acme.66c.dev; the entire acme.66c.dev subdomain is managed by Google Cloud DNS (and this is where certbot used to add / remove challenge records).
I distinctly remember that I needed to patch a line to make this work last time, which I've done per this thread: DNS plugins don't work if _acme-challenge is a separate zone · Issue #7701 · certbot/certbot · GitHub
But I'm still getting this mystery error:
Unable to determine managed zone for 66c.dev using zone names: ['_acme_challenge.66c.dev', '66c.dev', 'dev'].
This surprises me because _acme_challenge.66c.dev does exist. What am I missing?
The Google specific code is here.
My domain is:
I ran this command:
I'm using the Let's Encrypt Home Assistant plugin.
It produced this output:
[s6-init] making user provided files available at /var/run/s6/etc...exited 0. [s6-init] ensuring user provided files have correct perms...exited 0. [fix-attrs.d] applying ownership & permissions fixes... [fix-attrs.d] done. [cont-init.d] executing container initialization scripts... [cont-init.d] file-structure.sh: executing... [cont-init.d] file-structure.sh: exited 0. [cont-init.d] done. [services.d] starting services [services.d] done. [22:31:49] INFO: Selected DNS Provider: dns-google [22:31:49] INFO: Use propagation seconds: 60 Saving debug log to /var/log/letsencrypt/letsencrypt.log Requesting a certificate for *.66c.dev Error finding zone. Skipping cleanup. Unable to determine managed zone for 66c.dev using zone names: ['_acme_challenge.66c.dev', '66c.dev', 'dev']. Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details. [cont-finish.d] executing container finish scripts... [cont-finish.d] done. [s6-finish] waiting for services. [s6-finish] sending all processes the TERM signal. [s6-finish] sending all processes the KILL signal and exiting.
My web server is (include version):
Using DNS challenge.
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
Yes, Home Assistant
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot):
Current version: 4.12.2