Description of problem: When renewing a Let's Encrypt certificate with certbot and Cloudflare DNS authentication, an error is generated and the certificate is not renewed. the error says: <pre> Error determining zone_id: 6003 Invalid request headers. Please confirm that you have supplied valid Cloudflare API credentials. (Did you copy your entire API token/key? To use Cloudflare tokens, you'll need the python package cloudflare>=2.3.1. This certbot is running cloudflare 2.3.0) </pre> Version-Release number of selected component (if applicable): certbot-1.11.0-2.el7.noarch python2-cloudflare-2.3.0-2.el7.noarch python2-certbot-dns-cloudflare-1.11.0-1.el7.noarch How reproducible: Always Steps to Reproduce: /usr/bin/certbot certonly --text --non-interactive --agree-tos --register-unsafely-without-email --preferred-challenges dns --dns-cloudflare --dns-cloudflare-credentials /tmp/credentials.ini --dns-cloudflare-propagation-seconds 15 -d <redacted_domain.com> --preferred-chain 'ISRG Root X1' The domain to renew must be managed in Cloudflare DNS and the CF credentials must be included in the file /tmp/credentials.ini in Certbot format. Actual results: Error: Error determining zone_id: 6003 Invalid request headers. Please confirm that you have supplied valid Cloudflare API credentials. (Did you copy your entire API token/key? To use Cloudflare tokens, you'll need the python package cloudflare>=2.3.1. This certbot is running cloudflare 2.3.0) And the certificate is not renewed. Expected results: No errors and certificate renewed. Additional info: I rebuilt the RPM for python-cloudflare 2.3.1 using the SRC RPM from 2.3.0 and changing just the Python package version (and disabling the GPG key check). The RPM was rebuilt without any issues, I installed the new RPM and certbot worked fine, my domain was renewed. Just upgrading the Python cloudflare package to 2.3.1 makes certbot work again. There are later version of python-cloudflare, but 2.3.1 works just fine.
FEDORA-EPEL-2023-786a81c558 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-786a81c558
FEDORA-EPEL-2023-786a81c558 has been pushed to the Fedora EPEL 7 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-786a81c558 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-EPEL-2023-786a81c558 has been pushed to the Fedora EPEL 7 stable repository. If problem still persists, please make note of it in this bug report.