Netgate Discussion Forum

    Renewing sub-domain certificates broken or changed (Let's Encrypt and GoDaddy)

      hoegge

      Hi

      I have a domain (let's say mydomain.com) that gets a certificate and wildcard certificates from Let's Encrypt and uses DNS-GoDaddy as the challenge. It works fine for mydomain.com and *.mydomain.com.

      It also used to work fine for subdomain.mydomain.com and *.subdomain.mydomain.com but suddenly stopped working. Maybe GoDaddy or acme was changed.

      The logs say that the keys were not allowed to be set, and I can see that the curl address used is (exemplified):

      _post_url='https://api.godaddy.com/v1/domains/subdomain.mydomain.com/records/TXT/_acme-challenge'

      So it uses the subdomain as the API call address, and maybe that is the issue, since that is not the domain registered?

      I have tried to add the subdomain as CNAME entries with value mydomain.com, but that did not help.

      I also tried to use the DNS alias mode, so it points to mydomain.com instead. That did not help either, though.

      I do get some errors like:

      [Tue Oct  1 18:36:21 CEST 2024] GET
      [Tue Oct  1 18:36:21 CEST 2024] url='https://api.godaddy.com/v1/domains/mydomain.com'
      [Tue Oct  1 18:36:21 CEST 2024] timeout=
      [Tue Oct  1 18:36:21 CEST 2024] Http already initialized.
      [Tue Oct  1 18:36:21 CEST 2024] _CURL='curl --silent --dump-header /tmp/acme/subdomain.mydomain.com/http.header  -L  -g '
      [Tue Oct  1 18:36:21 CEST 2024] ret='0'
      [Tue Oct  1 18:36:21 CEST 2024] response='{"code":"ACCESS_DENIED","message":"Authenticated user is not allowed access"}'
      [Tue Oct  1 18:36:21 CEST 2024] _sub_domain='_acme-challenge'
      [Tue Oct  1 18:36:21 CEST 2024] _domain='mydomain.com'
      

      even though the access is fine for other API calls on GoDaddy.
      I have tried to generate new API keys, but that did not help either.

      Any help would be appreciated

      Thanks
      Hoegge

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.