GoDaddy DNS Add-on SSL certificate expiration

Hello,

I successfully installed the GoDaddy DNS Add-on to enable remote access to my Home Assistant instance. It worked perfectly for a few months, but now I am encountering an issue with SSL certificate expiration.

/usr/bin/dehydrated: line 737: 1: unbound variable
[17:39:45] WARNING: Renewal failed for domain: ha.mydomain.com
[17:44:47] INFO: Renewing certificate for domain: ha.mydomain.com
# INFO: Using main config file /data/workdir/config
Processing ha.mydomain.com
 + Checking domain name(s) of existing cert... unchanged.
 + Checking expire date of existing cert...
 + Valid till May 23 15:44:33 2024 GMT (Less than 30 days). Renewing!
 + Signing domains...
 + Generating private key...
 + Generating signing request...
 + Requesting new certificate order from CA...
 + Received 1 authorizations URLs from the CA
 + Handling authorization for ha.mydomain.com
 + 1 pending challenge(s)
 + Deploying challenge tokens...
{"code":"ACCESS_DENIED","message":"Authenticated user is not allowed access"}
 + Responding to challenge for ha.mydomain.com authorization...
 + Cleaning challenge tokens...
{"code":"ACCESS_DENIED","message":"Authenticated user is not allowed access"}
 + Challenge validation has failed :(
ERROR: Challenge is invalid! (returned: invalid) (result: ["type"]	"dns-01"
["status"]	"invalid"
["error","type"]	"urn:ietf:params:acme:error:dns"
["error","detail"]	"DNS problem: NXDOMAIN looking up TXT for _acme-challenge.ha.mydomain.com - check that a DNS record exists for this domain"
["error","status"]	400
["error"]	{"type":"urn:ietf:params:acme:error:dns","detail":"DNS problem: NXDOMAIN looking up TXT for _acme-challenge.ha.mydomain.com - check that a DNS record exists for this domain","status":400}
["url"]	"https://acme-v02.api.letsencrypt.org/acme/chall-v3/35618026/Z6DgPg"
["token"]	"tKXjjPJs8JB7pigYTFgyki3iXi-fr5EdStQ"
["validated"]	"2024-05-27T15:46:01Z")

I cannot find a way to renew the certificates. I also installed the Let’s Encrypt add-on, but it doesn’t support certificate renewal via DNS challenge with GoDaddy.

I have created a new GoDaddy API key, but it hasn’t resolved the issue.

Does anyone have any ideas on how to renew the certificates and automate the renewal process?

Thank you,
Davide

Developers frustrated by recent GoDaddy API restrictions - Domain Name Wire | Domain Name News.

API access now requires at least 10 domains in your godaddy account.