GoDaddy DNS Add-on SSL certificate expiration

Hello,

I successfully installed the GoDaddy DNS Add-on to enable remote access to my Home Assistant instance. It worked perfectly for a few months, but now I am encountering an issue with SSL certificate expiration.

/usr/bin/dehydrated: line 737: 1: unbound variable
[17:39:45] WARNING: Renewal failed for domain: ha.mydomain.com
[17:44:47] INFO: Renewing certificate for domain: ha.mydomain.com
# INFO: Using main config file /data/workdir/config
Processing ha.mydomain.com
 + Checking domain name(s) of existing cert... unchanged.
 + Checking expire date of existing cert...
 + Valid till May 23 15:44:33 2024 GMT (Less than 30 days). Renewing!
 + Signing domains...
 + Generating private key...
 + Generating signing request...
 + Requesting new certificate order from CA...
 + Received 1 authorizations URLs from the CA
 + Handling authorization for ha.mydomain.com
 + 1 pending challenge(s)
 + Deploying challenge tokens...
{"code":"ACCESS_DENIED","message":"Authenticated user is not allowed access"}
 + Responding to challenge for ha.mydomain.com authorization...
 + Cleaning challenge tokens...
{"code":"ACCESS_DENIED","message":"Authenticated user is not allowed access"}
 + Challenge validation has failed :(
ERROR: Challenge is invalid! (returned: invalid) (result: ["type"]	"dns-01"
["status"]	"invalid"
["error","type"]	"urn:ietf:params:acme:error:dns"
["error","detail"]	"DNS problem: NXDOMAIN looking up TXT for _acme-challenge.ha.mydomain.com - check that a DNS record exists for this domain"
["error","status"]	400
["error"]	{"type":"urn:ietf:params:acme:error:dns","detail":"DNS problem: NXDOMAIN looking up TXT for _acme-challenge.ha.mydomain.com - check that a DNS record exists for this domain","status":400}
["url"]	"https://acme-v02.api.letsencrypt.org/acme/chall-v3/35618026/Z6DgPg"
["token"]	"tKXjjPJs8JB7pigYTFgyki3iXi-fr5EdStQ"
["validated"]	"2024-05-27T15:46:01Z")

I cannot find a way to renew the certificates. I also installed the Let’s Encrypt add-on, but it doesn’t support certificate renewal via DNS challenge with GoDaddy.

I have created a new GoDaddy API key, but it hasn’t resolved the issue.

Does anyone have any ideas on how to renew the certificates and automate the renewal process?

Thank you,
Davide

Developers frustrated by recent GoDaddy API restrictions - Domain Name Wire | Domain Name News.

API access now requires at least 10 domains in your godaddy account.

I see the news what a mess
so basically the GoDaddy add on doesn’t work any more for standard deployment with less that 10 domains
Any alternative to renew the certificate?
I’m stuck…

ve solved the remote access issue for Home Assistant with an alternative method.

Solution: Set up an SSH reverse tunnel to a Digital Ocean droplet with a fixed IP address, using it as a proxy for traffic on port 8123.

Benefits:

  • Simple Configuration: The setup process is straightforward.
  • Effective Performance: It works flawlessly for accessing Home Assistant remotely via a web browser or mobile app.
  • Cost-Effective: The cost of maintaining a public cloud server is significantly lower compared to other solutions.
  • Versatility: The server can also be utilized for other applications requiring a fixed IP, NAT, and firewall traversal.

Additionally, I am considering switching from GoDaddy as my domain registrar due to their unacceptable behavior.