Does this project still work? about certbot-dns-godaddy HOT 14 OPEN

Hi, I have had this same issue and I was one of the people documenting their process on Reddit indeed.
This is the Reddit Post for reference.

It is clear that the GoDaddy team has decided to not support small business or individuals in automatic renewals of certificates. It is certainly not the fault of this project.

I have circumvented the issue by Transerring our DNS registration to cloud flare following the instructions here. Note that you do not need to transfer your domain registration completely, only the DNS. Then, I used the Cloudflare-dns to setup automatic renewal. Works like a charm!

Note that for this to work on certificates previously generated with the godaddy-authenticator, you must change the configuration under /etc/letsencrypt/renewal/{yourDomain}.conf and use the cloudflare variables instead.

Example configuration before update (/etc/letsencrypt/renewal/{yourDomain}.conf)

# renew_before_expiry = 30 days
version = 1.26.0
archive_dir = /etc/letsencrypt/archive/{yourDomain}
cert = /etc/letsencrypt/live/{yourDomain}/cert.pem
privkey = /etc/letsencrypt/live/{yourDomain}/privkey.pem
chain = /etc/letsencrypt/live/{yourDomain}/chain.pem
fullchain = /etc/letsencrypt/live/{yourDomain}/fullchain.pem

# Options used in the renewal process
[renewalparams]
account = {yourAccountID} # You may leave this unchanged
server = https://acme-v02.api.letsencrypt.org/directory # You may leave this unchanged
key_type = rsa  # You may leave this unchanged
## You must change everything below this line 
authenticator = dns-godaddy
dns_godaddy_propagation_seconds = 120
dns_godaddy_credentials = path/to/your/godaddy/credentials.ini

Example configuration after update to work with cloudflare (change appropriately for your provider):

# renew_before_expiry = 30 days
version = 1.26.0
archive_dir = /etc/letsencrypt/archive/{yourDomain}
cert = /etc/letsencrypt/live/{yourDomain}/cert.pem
privkey = /etc/letsencrypt/live/{yourDomain}/privkey.pem
chain = /etc/letsencrypt/live/{yourDomain}/chain.pem
fullchain = /etc/letsencrypt/live/{yourDomain}/fullchain.pem

# Options used in the renewal process
[renewalparams]
account = {yourAccountID} # You may leave this unchanged
server = https://acme-v02.api.letsencrypt.org/directory # You may leave this unchanged
key_type = rsa  # You may leave this unchanged
## You must change everything below this line 
authenticator = dns-cloudflare
dns_cloudflare_propagation_seconds = 120
dns_cloudflare_credentials = path/to/your/cloudflare/credentials.ini

from certbot-dns-godaddy.

I have the same issue. Seems to be GoDaddy is restricting their API without any notice.
A few others have reported the same on reddit.
I have a case open with them but the its more likely I will transfer my domains somewhere else like cloudflare.

from certbot-dns-godaddy.

Hi, I have had this same issue and I was one of the people documenting their process on Reddit indeed. This is the Reddit Post for reference.
It is clear that the GoDaddy team has decided to not support small business or individuals in automatic renewals of certificates. It is certainly not the fault of this project.
I have circumvented the issue by Transerring our DNS registration to cloud flare following the instructions here. Note that you do not need to transfer your domain registration completely, only the DNS. Then, I used the Cloudflare-dns to setup automatic renewal. Works like a charm!
Note that for this to work on certificates previously generated with the godaddy-authenticator, you must change the configuration under /etc/letsencrypt/renewal/{yourDomain}.conf and use the cloudflare variables instead.
Example configuration before update (/etc/letsencrypt/renewal/{yourDomain}.conf)

# renew_before_expiry = 30 days
version = 1.26.0
archive_dir = /etc/letsencrypt/archive/{yourDomain}
cert = /etc/letsencrypt/live/{yourDomain}/cert.pem
privkey = /etc/letsencrypt/live/{yourDomain}/privkey.pem
chain = /etc/letsencrypt/live/{yourDomain}/chain.pem
fullchain = /etc/letsencrypt/live/{yourDomain}/fullchain.pem

# Options used in the renewal process
[renewalparams]
account = {yourAccountID} # You may leave this unchanged
server = https://acme-v02.api.letsencrypt.org/directory # You may leave this unchanged
key_type = rsa  # You may leave this unchanged
## You must change everything below this line 
authenticator = dns-godaddy
dns_godaddy_propagation_seconds = 120
dns_godaddy_credentials = path/to/your/godaddy/credentials.ini

Example configuration after update to work with cloudflare (change appropriately for your provider):

# renew_before_expiry = 30 days
version = 1.26.0
archive_dir = /etc/letsencrypt/archive/{yourDomain}
cert = /etc/letsencrypt/live/{yourDomain}/cert.pem
privkey = /etc/letsencrypt/live/{yourDomain}/privkey.pem
chain = /etc/letsencrypt/live/{yourDomain}/chain.pem
fullchain = /etc/letsencrypt/live/{yourDomain}/fullchain.pem

# Options used in the renewal process
[renewalparams]
account = {yourAccountID} # You may leave this unchanged
server = https://acme-v02.api.letsencrypt.org/directory # You may leave this unchanged
key_type = rsa  # You may leave this unchanged
## You must change everything below this line 
authenticator = dns-cloudflare
dns_cloudflare_propagation_seconds = 120
dns_cloudflare_credentials = path/to/your/cloudflare/credentials.ini

Hello, Sam

I have 1 month before my current certificate expires, so I'm looking at options I have for when I have to update it. I was reviewing what you said, transfer only the DNS to cloud flare, but it is not entirely clear to me how to do it, I checked on the web, but there is not much information about it. Could you please specify from which step I should start to do such a process?.

Thank you very much for your comments.

Hi cguerrero1205,

You can follow the instructions here. Note: You only need to follow steps up to step 3. You do not need to follow step 4 if your goal is to just change the DNS provider. Please note also, that any DNS rules you have on GoDaddy will be deleted. So Perhaps good to back them up with a screenshot so you can apply them to your cloudflare settings once you are done! After you've done this, you can set up the Cloudflare certbot plugin as I described in my comment above. If you run into trouble, comment here and I will try to help you resolve it!

from certbot-dns-godaddy.

Possibly a silly question... if I migrate to cloudflare following the above instructions (I will just do DNS for now), does the existing site and certificate continue to function properly up until expiration ?

No such thing as a silly question! :)
Yes, your current certificates will continue to work as they are already issued. As long as the new DNS name matches the old one, you will not have an issue! You can also force renew the certificate by running certbot with the --force-renewal argument.

from certbot-dns-godaddy.

Hi, I have had this same issue and I was one of the people documenting their process on Reddit indeed. This is the Reddit Post for reference.
It is clear that the GoDaddy team has decided to not support small business or individuals in automatic renewals of certificates. It is certainly not the fault of this project.
I have circumvented the issue by Transerring our DNS registration to cloud flare following the instructions here. Note that you do not need to transfer your domain registration completely, only the DNS. Then, I used the Cloudflare-dns to setup automatic renewal. Works like a charm!
Note that for this to work on certificates previously generated with the godaddy-authenticator, you must change the configuration under /etc/letsencrypt/renewal/{yourDomain}.conf and use the cloudflare variables instead.
Example configuration before update (/etc/letsencrypt/renewal/{yourDomain}.conf)

# renew_before_expiry = 30 days
version = 1.26.0
archive_dir = /etc/letsencrypt/archive/{yourDomain}
cert = /etc/letsencrypt/live/{yourDomain}/cert.pem
privkey = /etc/letsencrypt/live/{yourDomain}/privkey.pem
chain = /etc/letsencrypt/live/{yourDomain}/chain.pem
fullchain = /etc/letsencrypt/live/{yourDomain}/fullchain.pem

# Options used in the renewal process
[renewalparams]
account = {yourAccountID} # You may leave this unchanged
server = https://acme-v02.api.letsencrypt.org/directory # You may leave this unchanged
key_type = rsa  # You may leave this unchanged
## You must change everything below this line 
authenticator = dns-godaddy
dns_godaddy_propagation_seconds = 120
dns_godaddy_credentials = path/to/your/godaddy/credentials.ini

Example configuration after update to work with cloudflare (change appropriately for your provider):

# renew_before_expiry = 30 days
version = 1.26.0
archive_dir = /etc/letsencrypt/archive/{yourDomain}
cert = /etc/letsencrypt/live/{yourDomain}/cert.pem
privkey = /etc/letsencrypt/live/{yourDomain}/privkey.pem
chain = /etc/letsencrypt/live/{yourDomain}/chain.pem
fullchain = /etc/letsencrypt/live/{yourDomain}/fullchain.pem

# Options used in the renewal process
[renewalparams]
account = {yourAccountID} # You may leave this unchanged
server = https://acme-v02.api.letsencrypt.org/directory # You may leave this unchanged
key_type = rsa  # You may leave this unchanged
## You must change everything below this line 
authenticator = dns-cloudflare
dns_cloudflare_propagation_seconds = 120
dns_cloudflare_credentials = path/to/your/cloudflare/credentials.ini

Hello, Sam
I have 1 month before my current certificate expires, so I'm looking at options I have for when I have to update it. I was reviewing what you said, transfer only the DNS to cloud flare, but it is not entirely clear to me how to do it, I checked on the web, but there is not much information about it. Could you please specify from which step I should start to do such a process?.
Thank you very much for your comments.

Hi cguerrero1205,

You can follow the instructions here. Note: You only need to follow steps up to step 3. You do not need to follow step 4 if your goal is to just change the DNS provider. Please note also, that any DNS rules you have on GoDaddy will be deleted. So Perhaps good to back them up with a screenshot so you can apply them to your cloudflare settings once you are done! After you've done this, you can set up the Cloudflare certbot plugin as I described in my comment above. If you run into trouble, comment here and I will try to help you resolve it!

Hello,

Thank you for your help. This weekend I will do the procedures, out of production hours, then I will let you know how it goes.

Again, thank you very much.

from certbot-dns-godaddy.

To backup godaddy dns records, on the godaddy dns page, change the page size, it will make the following query which can be saved as a json file. Inspect the Network web developer tools for this.
https://domdns.api.godaddy.com/v1/customers//zones/?pageNumber=1&pageSize=50&type=

from certbot-dns-godaddy.

Hello, Sam.
I did the migration to cloudflare today, all without major problems, mostly due to lack of knowledge on the subject, but everything could be solved. Thank you very much for your help.
Additionally I configured cloudflare to automatically update the certificate, so I don't have to use certbot, or any external application. I only created a certificate for my home server, which lasts 15 years, and cloudflare automatically updates the client's certificate every 3 months. So, if cloudflare never fails, I don't have to do anything else for the next 15 years.
This is great!

from certbot-dns-godaddy.

Hi, I have had this same issue and I was one of the people documenting their process on Reddit indeed. This is the Reddit Post for reference.

It is clear that the GoDaddy team has decided to not support small business or individuals in automatic renewals of certificates. It is certainly not the fault of this project.

I have circumvented the issue by Transerring our DNS registration to cloud flare following the instructions here. Note that you do not need to transfer your domain registration completely, only the DNS. Then, I used the Cloudflare-dns to setup automatic renewal. Works like a charm!

Note that for this to work on certificates previously generated with the godaddy-authenticator, you must change the configuration under /etc/letsencrypt/renewal/{yourDomain}.conf and use the cloudflare variables instead.

Example configuration before update (/etc/letsencrypt/renewal/{yourDomain}.conf)

# renew_before_expiry = 30 days
version = 1.26.0
archive_dir = /etc/letsencrypt/archive/{yourDomain}
cert = /etc/letsencrypt/live/{yourDomain}/cert.pem
privkey = /etc/letsencrypt/live/{yourDomain}/privkey.pem
chain = /etc/letsencrypt/live/{yourDomain}/chain.pem
fullchain = /etc/letsencrypt/live/{yourDomain}/fullchain.pem

# Options used in the renewal process
[renewalparams]
account = {yourAccountID} # You may leave this unchanged
server = https://acme-v02.api.letsencrypt.org/directory # You may leave this unchanged
key_type = rsa  # You may leave this unchanged
## You must change everything below this line 
authenticator = dns-godaddy
dns_godaddy_propagation_seconds = 120
dns_godaddy_credentials = path/to/your/godaddy/credentials.ini

Example configuration after update to work with cloudflare (change appropriately for your provider):

# renew_before_expiry = 30 days
version = 1.26.0
archive_dir = /etc/letsencrypt/archive/{yourDomain}
cert = /etc/letsencrypt/live/{yourDomain}/cert.pem
privkey = /etc/letsencrypt/live/{yourDomain}/privkey.pem
chain = /etc/letsencrypt/live/{yourDomain}/chain.pem
fullchain = /etc/letsencrypt/live/{yourDomain}/fullchain.pem

# Options used in the renewal process
[renewalparams]
account = {yourAccountID} # You may leave this unchanged
server = https://acme-v02.api.letsencrypt.org/directory # You may leave this unchanged
key_type = rsa  # You may leave this unchanged
## You must change everything below this line 
authenticator = dns-cloudflare
dns_cloudflare_propagation_seconds = 120
dns_cloudflare_credentials = path/to/your/cloudflare/credentials.ini

Same problem, it worked well before, The certificate will expire in a few days. I have been looking for a solution. Fortunately, I saw your comment. Thank you.

from certbot-dns-godaddy.

I've recently ran into this issue with a couple of GoDaddy accounts I manage. I called their support and they told me that they are now only allowing access to the domains API for accounts that have 10+ domains and also pay for "discount domain club", or accounts with 50+ domains.

from certbot-dns-godaddy.

Hi, I have had this same issue and I was one of the people documenting their process on Reddit indeed. This is the Reddit Post for reference.

It is clear that the GoDaddy team has decided to not support small business or individuals in automatic renewals of certificates. It is certainly not the fault of this project.

I have circumvented the issue by Transerring our DNS registration to cloud flare following the instructions here. Note that you do not need to transfer your domain registration completely, only the DNS. Then, I used the Cloudflare-dns to setup automatic renewal. Works like a charm!

Note that for this to work on certificates previously generated with the godaddy-authenticator, you must change the configuration under /etc/letsencrypt/renewal/{yourDomain}.conf and use the cloudflare variables instead.

Example configuration before update (/etc/letsencrypt/renewal/{yourDomain}.conf)

# renew_before_expiry = 30 days
version = 1.26.0
archive_dir = /etc/letsencrypt/archive/{yourDomain}
cert = /etc/letsencrypt/live/{yourDomain}/cert.pem
privkey = /etc/letsencrypt/live/{yourDomain}/privkey.pem
chain = /etc/letsencrypt/live/{yourDomain}/chain.pem
fullchain = /etc/letsencrypt/live/{yourDomain}/fullchain.pem

# Options used in the renewal process
[renewalparams]
account = {yourAccountID} # You may leave this unchanged
server = https://acme-v02.api.letsencrypt.org/directory # You may leave this unchanged
key_type = rsa  # You may leave this unchanged
## You must change everything below this line 
authenticator = dns-godaddy
dns_godaddy_propagation_seconds = 120
dns_godaddy_credentials = path/to/your/godaddy/credentials.ini

Example configuration after update to work with cloudflare (change appropriately for your provider):

# renew_before_expiry = 30 days
version = 1.26.0
archive_dir = /etc/letsencrypt/archive/{yourDomain}
cert = /etc/letsencrypt/live/{yourDomain}/cert.pem
privkey = /etc/letsencrypt/live/{yourDomain}/privkey.pem
chain = /etc/letsencrypt/live/{yourDomain}/chain.pem
fullchain = /etc/letsencrypt/live/{yourDomain}/fullchain.pem

# Options used in the renewal process
[renewalparams]
account = {yourAccountID} # You may leave this unchanged
server = https://acme-v02.api.letsencrypt.org/directory # You may leave this unchanged
key_type = rsa  # You may leave this unchanged
## You must change everything below this line 
authenticator = dns-cloudflare
dns_cloudflare_propagation_seconds = 120
dns_cloudflare_credentials = path/to/your/cloudflare/credentials.ini

Hello, Sam

I have 1 month before my current certificate expires, so I'm looking at options I have for when I have to update it. I was reviewing what you said, transfer only the DNS to cloud flare, but it is not entirely clear to me how to do it, I checked on the web, but there is not much information about it. Could you please specify from which step I should start to do such a process?.

Thank you very much for your comments.

from certbot-dns-godaddy.

Possibly a silly question... if I migrate to cloudflare following the above instructions (I will just do DNS for now), does the existing site and certificate continue to function properly up until expiration ?

from certbot-dns-godaddy.

As the godaddy limitation is outside the scope of this problem. @romerojunior, move this to a discussion or wiki page. I have also moved to cloudflare dns and once the domain is nearing renewal, will permanently move it there.

from certbot-dns-godaddy.

It's weird that one of my domains can be renewed but the other can't !
I use acme.sh instead, it works well.
https://github.com/acmesh-official/acme.sh?tab=readme-ov-file

from certbot-dns-godaddy.

To actually answer the question :-D

It seems, that as long as you still have API access, that this works. Cheers!

from certbot-dns-godaddy.