hsmade / certbot-dns-transip Goto Github PK

Hi,

I am trying to run the docker container, but it complains there is no private key. I have mounted as a volume. Also permissions are ok!

docker run -i -v /etc/letsencrypt/transip.ini:/transip.ini -v /etc/letsencrypt/transip-rsa.key:/transip-rsa.key hsmade/certbot-transip certbot certonly --cert-name "" -d "" -a certbot-dns-transip:dns-transip --certbot-dns-transip:dns-transip-credentials transip.ini --certbot-dns-transip:dns-transip-propagation-seconds 240 --server https://acme-staging-v02.api.letsencrypt.org/directory -n -m --agree-tos --test-cert",

Traceback (most recent call last):
File "/usr/local/lib/python2.7/site-packages/certbot/error_handler.py", line 108, in _call_registered
self.funcs-1
File "/usr/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 316, in _cleanup_challenges
self.auth.cleanup(achalls)
File "/usr/local/lib/python2.7/site-packages/certbot/plugins/dns_common.py", line 76, in cleanup
self._cleanup(domain, validation_domain_name, validation)
File "/usr/local/lib/python2.7/site-packages/certbot_dns_transip/dns_transip.py", line 70, in _cleanup
self._get_transip_client().del_txt_record(domain, validation_name, validation)
File "/usr/local/lib/python2.7/site-packages/certbot_dns_transip/dns_transip.py", line 157, in del_txt_record
domain = self._find_domain(domain_name)
File "/usr/local/lib/python2.7/site-packages/certbot_dns_transip/dns_transip.py", line 197, in _find_domain
domains = self.domain_service.get_domain_names()
File "/usr/local/lib/python2.7/site-packages/transip/service/domain.py", line 48, in get_domain_names
return self._simple_request('getDomainNames')
File "/usr/local/lib/python2.7/site-packages/transip/client.py", line 172, in _simple_request
cookie = self.build_cookie(mode=kwargs.get('mode', MODE_RO), method=method, parameters=args)
File "/usr/local/lib/python2.7/site-packages/transip/client.py", line 155, in build_cookie
signature = self._sign(message_to_sign)
File "/usr/local/lib/python2.7/site-packages/transip/client.py", line 89, in _sign
raise RuntimeError('The private key does not exist.')
RuntimeError: The private key does not exist.
An unexpected error occurred:
RuntimeError: The private key does not exist.

Thank you for creating this plugin!

I'm trying to get this to work (stable version on Debian Jessie) but this results in:

Error adding TXT record using the Transip API: Server raised fault: 'the expire of all records in an rrset must be all the same: _acme-challenge 86400 TXT 4PIHj9PV6t6Dn7XgFcuIztXR1kJTdXqsiMMD1i7GofU
the expire of all records in an rrset must be all the same: _acme-challenge 86400 TXT egkkcGfigtTgaxoBSlBsI8hyST5wtSQek9R9ubxnYdk
the expire of all records in an rrset must be all the same: _acme-challenge 1 TXT eWMectsKzA6yLMyNdaWERPxtEz2R4RmYxiDqyQoqbdc'

I'm trying to create a wildcard cert with: -d *.example.com -d example.com.

Hi,

Trying this plugin causes an error:

PluginEntryPoint#dns-transip does not provide IPluginFactory, skipping
PluginEntryPoint#certbot-dns-transip:dns-transip does not provide IPluginFactory, skipping

My current certbot version is: 1.12.0 (and I have this plugin installed with: pip3 install certbot-dns-transip)

I've requested the certificate with the following command:

certbot certonly -n -a dns-transip --dns-transip-credentials /root/credentials.ini --dns-transip-propagation-seconds 240 --expand --cert-name example.com -d 'example.com,*.example.com'

Am I missing something?

Pip installs version which is incompatible with transip python api.
Will there be a pip version which is compatbile?

Hello, i'm experiencing the following error:

$ certbot certonly --agree-tos -d domain.com -d *.domain.com -a certbot-dns-transip:dns-transip --certbot-dns-transip:dns-transip-credentials /etc/letsencrypt/transip.ini --certbot-dns-transip:dns-transip-propagation-seconds 240 --expand -n


Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator certbot-dns-transip:dns-transip, Installer None
Cert is due for renewal, auto-renewing...
Renewing an existing certificate
Performing the following challenges:
dns-01 challenge for domain.com
dns-01 challenge for domain.com
Cleaning up challenges
Encountered exception during recovery: 
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/certbot/_internal/error_handler.py", line 125, in _call_registered
    self.funcs[-1]()
  File "/usr/local/lib/python2.7/dist-packages/certbot/_internal/auth_handler.py", line 243, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/usr/local/lib/python2.7/dist-packages/certbot/plugins/dns_common.py", line 76, in cleanup
    self._cleanup(domain, validation_domain_name, validation)
  File "/usr/local/lib/python2.7/dist-packages/certbot_dns_transip/dns_transip.py", line 71, in _cleanup
    self._get_transip_client().del_txt_record(domain, validation_name, validation)
  File "/usr/local/lib/python2.7/dist-packages/certbot_dns_transip/dns_transip.py", line 90, in _get_transip_client
    return _TransipClient(username=username, key_file=key_file)
  File "/usr/local/lib/python2.7/dist-packages/certbot_dns_transip/dns_transip.py", line 98, in __init__
    self.domain_service = DomainService(login=username, private_key_file=key_file)
  File "/usr/local/lib/python2.7/dist-packages/transip/service/domain.py", line 12, in __init__
    super(DomainService, self).__init__('DomainService', *args, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/transip/client.py", line 90, in __init__
    self.soap_client = SudsClient(self.url, doctor=doc, **suds_kwargs)
  File "/usr/local/lib/python2.7/dist-packages/suds/client.py", line 122, in __init__
    sd = ServiceDefinition(self.wsdl, s)
  File "/usr/local/lib/python2.7/dist-packages/suds/servicedefinition.py", line 58, in __init__
    self.addports()
  File "/usr/local/lib/python2.7/dist-packages/suds/servicedefinition.py", line 86, in addports
    method = (m.name, binding.param_defs(m))
  File "/usr/local/lib/python2.7/dist-packages/suds/bindings/rpc.py", line 35, in param_defs
    return self.bodypart_types(method)
  File "/usr/local/lib/python2.7/dist-packages/suds/bindings/binding.py", line 379, in bodypart_types
    raise TypeNotFound(query.ref)
TypeNotFound: Type not found: '(array, http://www.w3.org/2001/XMLSchema, )'

Happens with both python 2 and 3, as well as a renewal command, using the following pip packages:

certbot==1.2.0
certbot-dns-transip==0.2.6

Why is it that, whenever i run the certbot command found in https://certbot-dns-transip.readthedocs.io/en/latest/usage.html from a different directory than where the transip.ini file is located, it crashes with the notification that the key does not exist? Why can i not define the full path?

Hi,

this seems broken. I get an error on the XML schema.
The transip dependency has fixed this in version 2.1.1
Link to the issue benkonrath/transip-api@51c6cb9

Hi, this is more a question. After upgrading with pip3 install --upgrade certbot-dns-transip --force-reinstall I get an error that an import fails with the following stacktrace.
Is there something I need to do when upgrading a python package?

2020-03-22 09:19:31,449:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/local/bin/certbot", line 11, in
sys.exit(main())
File "/usr/local/lib/python3.6/dist-packages/certbot/main.py", line 15, in main
return internal_main.main(cli_args)
File "/usr/local/lib/python3.6/dist-packages/certbot/_internal/main.py", line 1317, in main
plugins = plugins_disco.PluginsRegistry.find_all()
File "/usr/local/lib/python3.6/dist-packages/certbot/_internal/plugins/disco.py", line 210, in find_all
plugin_ep = PluginEntryPoint(entry_point)
File "/usr/local/lib/python3.6/dist-packages/certbot/_internal/plugins/disco.py", line 54, in init
self.plugin_cls = entry_point.load()
File "/usr/local/lib/python3.6/dist-packages/pkg_resources/init.py", line 2450, in load
return self.resolve()
File "/usr/local/lib/python3.6/dist-packages/pkg_resources/init.py", line 2456, in resolve
module = import(self.module_name, fromlist=['name'], level=0)
File "/usr/lib/python3/dist-packages/certbot_nginx/configurator.py", line 16, in
from certbot import constants as core_constants
ImportError: cannot import name 'constants'
2020-03-22 09:19:31,449:ERROR:certbot._internal.log:An unexpected error occurred:

Im getting a warning when requesting certificates using this plugin:

Plugin legacy name certbot-dns-transip:dns-transip may be removed in a future version. Please use dns-transip instead.

For more information about this, i would like to refer to this issue.

changes that need to be made are simple. transip.ini has to look like this:

dns_transip_username = <transip_username>
dns_transip_key_file = /config/dns-conf/transip-rsa.key

Im not good with github, pull requests etc, but i would like to contribute by reporting this issue.

Using the example docker command fails with the following error:

WARNING: The requested image's platform (linux/arm64/v8) does not match the detected host platform (linux/amd64) and no specific platform was requested

Adding the flag --platform linux/amd64 does not help. Docker hub shows the latest tag being only for arm64.

Building the docker image on an x64 host works just fine, using certbot, renewing, etc.

In ACME 2.0 the zope based interfaces in certbot.interfaces have been removed in favor of the abc based interfaces found in the same module.
The current implementation does not seem to work anymore and an update would be appreciated.

Release notes: https://github.com/certbot/certbot/releases/tag/v2.0.0

I tried to update my Certbot Docker container (which contains certbot-dns-transip) from 1.19.0 to 1.20.0, but it fails:

Collecting suds-jurko~=0.6
  Downloading suds-jurko-0.6.zip (255 kB)
    ERROR: Command errored out with exit status 1:
     command: /usr/local/bin/python -c 'import io, os, sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-ggo5hlmd/suds-jurko_42e55aecc9604ca5ac9b5db582f92802/setup.py'"'"'; __file__='"'"'/tmp/pip-install-ggo5hlmd/suds-jurko_42e55aecc9604ca5ac9b5db582f92802/setup.py'"'"';f = getattr(tokenize, '"'"'open'"'"', open)(__file__) if os.path.exists(__file__) else io.StringIO('"'"'from setuptools import setup; setup()'"'"');code = f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' egg_info --egg-base /tmp/pip-pip-egg-info-av1c36dp
         cwd: /tmp/pip-install-ggo5hlmd/suds-jurko_42e55aecc9604ca5ac9b5db582f92802/
    Complete output (1 lines):
    error in suds-jurko setup command: use_2to3 is invalid.
    ----------------------------------------
WARNING: Discarding https://files.pythonhosted.org/packages/d0/88/f3bed9b494e0dae26bd55e5f3d527b8244208125024727267e8109956a11/suds-jurko-0.6.zip#sha256=1cb7252cb13018fc32887c3a834ed7c6648a5b5c4c159be5806da2e1785399e8 (from https://pypi.org/simple/suds-jurko/). Command errored out with exit status 1: python setup.py egg_info Check the logs for full command output.
  Downloading suds-jurko-0.6.tar.bz2 (143 kB)
    ERROR: Command errored out with exit status 1:
     command: /usr/local/bin/python -c 'import io, os, sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-ggo5hlmd/suds-jurko_9a3599eb9c584d76b1cda189347cff0d/setup.py'"'"'; __file__='"'"'/tmp/pip-install-ggo5hlmd/suds-jurko_9a3599eb9c584d76b1cda189347cff0d/setup.py'"'"';f = getattr(tokenize, '"'"'open'"'"', open)(__file__) if os.path.exists(__file__) else io.StringIO('"'"'from setuptools import setup; setup()'"'"');code = f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' egg_info --egg-base /tmp/pip-pip-egg-info-j1lrfyjl
         cwd: /tmp/pip-install-ggo5hlmd/suds-jurko_9a3599eb9c584d76b1cda189347cff0d/
    Complete output (1 lines):
    error in suds-jurko setup command: use_2to3 is invalid.
    ----------------------------------------
WARNING: Discarding https://files.pythonhosted.org/packages/bd/6f/54fbf0999a606680d27c69b1ad12dfff62768ecb9fe48524cebda6eb4423/suds-jurko-0.6.tar.bz2#sha256=29edb72fd21e3044093d86f33c66cf847c5aaab26d64cb90e69e528ef014e57f (from https://pypi.org/simple/suds-jurko/). Command errored out with exit status 1: python setup.py egg_info Check the logs for full command output.
ERROR: Could not find a version that satisfies the requirement suds-jurko~=0.6 (from certbot-dns-transip) (from versions: 0.4.1.jurko.1, 0.4.1.jurko.2, 0.4.1.jurko.3, 0.4.1.jurko.4, 0.4.1.jurko.5, 0.5, 0.6)
ERROR: No matching distribution found for suds-jurko~=0.6
ERROR: Service 'c-certbot' failed to build : The command '/bin/sh -c pip install certbot-dns-transip==0.3.0' returned a non-zero code: 1

Apparently suds-jurko (the latest release, 0.6, is from 2014 btw) uses use_2to3, but setuptools removed use_2to3 since version 58 (due to a bug you can still use version 58.0.0 and 58.0.1, but the setuptools versions after 58.0.1 don't work), and Certbot's Docker container uses setuptools 58.0.4 since 1.20.0.

Currently I use RUN pip install setuptools==58.0.1 in my Dockerfile to be able to build Certbot with certbot-dns-transip, but that is not really futureproof I guess :). I guess certbot-dns-transip should either use an alternative for suds-jurko or suds-jurko should be forked and updated so it doesn't need use_2to3?

Thanks for creating and maintaining this plugin :)!

Hello, I'm using your plugin but it seems to have broken down. It might have been an update but I'm not quite sure. It always used to work.

I'm using:

$ pip list | grep certbot
certbot (1.2.0)
certbot-dns-transip (0.2.5)

My renewal command:

/usr/bin/certbot renew -a certbot-dns-transip:dns-transip --certbot-dns-transip:dns-transip-credentials /etc/letsencrypt/transip.ini --certbot-dns-transip:dns-transip-propagation-seconds 240 --post-hook 'docker restart $(docker ps -q --filter="name=nginx")'

The output:

usage: 
  certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
it will attempt to use a webserver both for obtaining and installing the
certificate. 
certbot: error: unrecognized arguments: --certbot-dns-transip:dns-transip-credentials /etc/letsencrypt/transip.ini --certbot-dns-transip:dns-transip-propagation-seconds 240

Hi, the installation fails with the error below. This is my command

certbot certonly -d *.gravity.zone,gravity.zone -a certbot-dns-transip:dns-transip --certbot-dns-transip:dns-transip-credentials transip.ini --certbot-dns-transip:dns-transip-propagation-seconds 240

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator certbot-dns-transip:dns-transip, Installer None
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for gravity.zone
Unsafe permissions on credentials configuration file: transip.ini
Cleaning up challenges
Encountered exception during recovery:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 75, in handle_authorizations
resp = self._solve_challenges(aauthzrs)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 132, in _solve_challenges
resp = self.auth.perform(all_achalls)
File "/usr/lib/python3/dist-packages/certbot/plugins/dns_common.py", line 57, in perform
self._perform(domain, validation_domain_name, validation)
File "/usr/local/lib/python3.5/dist-packages/certbot_dns_transip/dns_transip.py", line 65, in _perform
self._get_transip_client().add_txt_record(domain, validation_name, validation)
File "/usr/local/lib/python3.5/dist-packages/certbot_dns_transip/dns_transip.py", line 110, in add_txt_record
domain = self._find_domain(domain_name)
File "/usr/local/lib/python3.5/dist-packages/certbot_dns_transip/dns_transip.py", line 197, in _find_domain
domains = self.domain_service.get_domain_names()
File "/usr/local/lib/python3.5/dist-packages/transip/service/domain.py", line 48, in get_domain_names
return self._simple_request('getDomainNames')
File "/usr/local/lib/python3.5/dist-packages/transip/client.py", line 172, in _simple_request
cookie = self.build_cookie(mode=kwargs.get('mode', MODE_RO), method=method, parameters=args)
File "/usr/local/lib/python3.5/dist-packages/transip/client.py", line 155, in build_cookie
signature = self._sign(message_to_sign)
File "/usr/local/lib/python3.5/dist-packages/transip/client.py", line 81, in _sign
privkey = rsa.PrivateKey.load_pkcs1(keydata)
File "/usr/local/lib/python3.5/dist-packages/rsa/key.py", line 118, in load_pkcs1
return method(keyfile)
File "/usr/local/lib/python3.5/dist-packages/rsa/key.py", line 560, in _load_pkcs1_pem
return cls._load_pkcs1_der(der)
File "/usr/local/lib/python3.5/dist-packages/rsa/key.py", line 495, in _load_pkcs1_der
key = cls(*as_ints)
TypeError: int() argument must be a string, a bytes-like object or a number, not 'Sequence'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/error_handler.py", line 108, in _call_registered
self.funcs-1
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 316, in _cleanup_challenges
self.auth.cleanup(achalls)
File "/usr/lib/python3/dist-packages/certbot/plugins/dns_common.py", line 76, in cleanup
self._cleanup(domain, validation_domain_name, validation)
File "/usr/local/lib/python3.5/dist-packages/certbot_dns_transip/dns_transip.py", line 70, in _cleanup
self._get_transip_client().del_txt_record(domain, validation_name, validation)
File "/usr/local/lib/python3.5/dist-packages/certbot_dns_transip/dns_transip.py", line 157, in del_txt_record
domain = self._find_domain(domain_name)
File "/usr/local/lib/python3.5/dist-packages/certbot_dns_transip/dns_transip.py", line 197, in _find_domain
domains = self.domain_service.get_domain_names()
File "/usr/local/lib/python3.5/dist-packages/transip/service/domain.py", line 48, in get_domain_names
return self._simple_request('getDomainNames')
File "/usr/local/lib/python3.5/dist-packages/transip/client.py", line 172, in _simple_request
cookie = self.build_cookie(mode=kwargs.get('mode', MODE_RO), method=method, parameters=args)
File "/usr/local/lib/python3.5/dist-packages/transip/client.py", line 155, in build_cookie
signature = self._sign(message_to_sign)
File "/usr/local/lib/python3.5/dist-packages/transip/client.py", line 81, in _sign
privkey = rsa.PrivateKey.load_pkcs1(keydata)
File "/usr/local/lib/python3.5/dist-packages/rsa/key.py", line 118, in load_pkcs1
return method(keyfile)
File "/usr/local/lib/python3.5/dist-packages/rsa/key.py", line 560, in _load_pkcs1_pem
return cls._load_pkcs1_der(der)
File "/usr/local/lib/python3.5/dist-packages/rsa/key.py", line 495, in _load_pkcs1_der
key = cls(*as_ints)
TypeError: int() argument must be a string, a bytes-like object or a number, not 'Sequence'
An unexpected error occurred:
TypeError: int() argument must be a string, a bytes-like object or a number, not 'Sequence'
Please see the logfiles in /var/log/letsencrypt for more details.

I updated to Certbot v0.33.1 and got the following error when I did a dry run:

Cleaning up challenges
Encountered exception during recovery: 
Traceback (most recent call last):
  File "/opt/certbot/src/certbot/error_handler.py", line 124, in _call_registered
    self.funcs[-1]()
  File "/opt/certbot/src/certbot/auth_handler.py", line 220, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/opt/certbot/src/certbot/plugins/dns_common.py", line 76, in cleanup
    self._cleanup(domain, validation_domain_name, validation)
  File "/usr/local/lib/python2.7/site-packages/certbot_dns_transip/dns_transip.py", line 71, in _cleanup
    self._get_transip_client().del_txt_record(domain, validation_name, validation)
  File "/usr/local/lib/python2.7/site-packages/certbot_dns_transip/dns_transip.py", line 159, in del_txt_record
    domain_records = self._get_dns_entries(domain_name=domain)
TypeError: _get_dns_entries() got an unexpected keyword argument 'domain_name'
Attempting to renew cert (subsidietrekker.nl) from /etc/letsencrypt/renewal/subsidietrekker.nl.conf produced an unexpected error: '_TransipClient' object has no attribute 'get_dns_entries'. Skipping.

I didn't dive into the problem, but when I downgrade back to v0.31.0 the error doesn't occur any more. Any ideas?

Hi,

Thanks for this plugin!

Could you add the Dockerfile you used to build the container to the repo? The history is quite large and unreadable, and has a local file added to it.

On Debian 11:
Proxy has been set as enviroment variable:

http_proxy="http://x,x,x,x:yyyy/"
https_proxy="http://x,x,x,x:yyyy/"
HTTP_PROXY="http://x,x,x,x:yyyy/"
HTTPS_PROXY="http://x,x,x,x:yyyy/"

The connection to: acme-v02.api.letsencrypt.org honors this.
The connection to: api.transip.nl does not

Encountered exception during recovery: requests.exceptions.ConnectionError: HTTPSConnectionPool(host='api.transip.nl', port=443): Max retries exceeded with url: /v6/auth (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f9b0c402ac0>: Failed to establish a new connection: [Errno 101] Network is unreachable'))
An unexpected error occurred:
requests.exceptions.ConnectionError: HTTPSConnectionPool(host='api.transip.nl', port=443): Max retries exceeded with url: /v6/auth (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f9b0c487d30>: Failed to establish a new connection: [Errno 101] Network is unreachable'))

I would have expected all connections to honor proxy settings.

The certonly process fails when multiple domains are requested with a particularly odd error;
I replaced the domain name with example.com for this writeup

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator certbot-dns-transip:dns-transip, Installer None
Renewing an existing certificate
Performing the following challenges:
dns-01 challenge for example.com
Cleaning up challenges
Missing properties in credentials configuration file /etc/transip/transip.ini:
 * Property "certbot_dns_transip:dns_transip_key_file" not found (should be RSA key file(convert with openssl rsa -in transip.key -out decrypted_key)).
 * Property "certbot_dns_transip:dns_transip_username" not found (should be Transip username).

Command that I ran;

root$ certbot certonly -n -d '*.example.com,example.com' -a certbot-dns-transip:dns-transip --certbot-dns-transip:dns-transip-credentials /etc/transip/transip.ini --certbot-dns-transip:dns-transip-propagation-seconds 240 -m [email protected] --agree-tos --eff-email --force-renewal

I also attempted:

root$ certbot certonly -n -d '*.example.com' -d 'example.com' -a certbot-dns-transip:dns-transip --certbot-dns-transip:dns-transip-credentials /etc/transip/transip.ini --certbot-dns-transip:dns-transip-propagation-seconds 240 -m [email protected] --agree-tos --eff-email --force-renewal

Interestingly the following will gladly succeed:

root$ certbot certonly -n -d '*.example.com' -a certbot-dns-transip:dns-transip --certbot-dns-transip:dns-transip-credentials /etc/transip/transip.ini --certbot-dns-transip:dns-transip-propagation-seconds 240 -m [email protected] --agree-tos --eff-email --force-renewal

outputs

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator certbot-dns-transip:dns-transip, Installer None
Renewing an existing certificate

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/example.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/example.com/privkey.pem
   Your cert will expire on 2022-01-20. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot
   again. To non-interactively renew *all* of your certificates, run
   "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

OS: Ubuntu Server 20.04.3 LTS
certbot-dns-transip version: 0.4.3
certbot version: 0.4.0

Thanks for the plugin. Works fine for me for one domain that has no TXT records.

However, for another domain I have two TXT records configured for '@' (a record for SPF and another record for google-site-verification=...).

In this case, the plugin fails with the following error:

 - The following errors were reported by the server:

   Domain: example.com
   Type:   unauthorized
   Detail: Incorrect TXT record "v=spf1 include:_spf.google.com
   include:mailgun.org ..." (and 1 more) found at
   _acme-challenge.example.com

or

 - The following errors were reported by the server:

   Domain: example.com
   Type:   unauthorized
   Detail: Incorrect TXT record
   "google-site-verification=...”
   (and 1 more) found at _acme-challenge.example.com

Certbot version: 0.37.1
certbot-dns-transip version: 0.2.5

On https://certbot-dns-transip.readthedocs.io/en/latest/readme.html the --certbot-dns-transip:dns-transip-credentials transip.ini --certbot-dns-transip:dns-transip-propagation-seconds 240 part is formatted incorrectly. --certbot-dns-transip:dns-transip-credentials is formatted as –certbot-dns-transip:dns-transip-credentials (one big – instead of --), the same goes for –certbot-dns-transip:dns-transip-propagation-seconds.

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• Update python Docker tag to v3.12
• Update actions/checkout action to v4
• Update actions/setup-python action to v5
• Update dependency ubuntu to v22
• Update docker/build-push-action action to v5
• Update docker/login-action action to v3
• Update docker/setup-buildx-action action to v3
• Update docker/setup-qemu-action action to v3
• Click on this checkbox to rebase all open PRs at once

Detected dependencies

• Check this box to trigger a request for Renovate to run again on this repository

Thanks for making this plugin.
I noticed a minor issue in the USAGE.rst.

--certbot-dns-transipdns-transip-propagation-seconds

should be

--certbot-dns-transip:dns-transip-propagation-seconds

By default the TransIP client requests a token which requires IP Whitelisting, which causes the calls to the TransIP api to fail when there is no whitelist for the specified key (TransIP call that a 'global key').
See roaldnefs/python-transip#46

Hi, did you mean to use CMD instead of ENTRYPOINT? It would be nice if we could just have a certbot entrypoint.