Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cloudflare: some credentials information are missing #23

Closed
jeromeza opened this issue Jul 7, 2021 · 4 comments
Closed

cloudflare: some credentials information are missing #23

jeromeza opened this issue Jul 7, 2021 · 4 comments

Comments

@jeromeza
Copy link

jeromeza commented Jul 7, 2021
edited
Loading

I can't get Cloudflare to work, I get the below error, this after trying:

#!/bin/bash

export CLOUDFLARE_EMAIL="my@domain.co.za"
export CLOUDFLARE_API_KEY="myglobalapikey"
export CF_API_EMAIL="my@domain.co.za"
export CF_API_KEY="myglobalapikey"

/Users/jerome/Downloads/vault/vault -v write acme/certs/domain.co.za \
    common_name=www.domain.co.za
  • Failed to validate certificate signing request: cloudflare: some credentials information are missing: CLOUDFLARE_EMAIL,CLOUDFLARE_API_KEY or some credentials information are missing: CLOUDFLARE_DNS_API_TOKEN,CLOUDFLARE_ZONE_API_TOKEN

I've tried this as EXPORT vars in my shell, and in a script format above (as I came across a Lego post suggesting this: go-acme/lego#785)

Any ideas - I've tried both sets of variables as shown above...

It simply looks like the vars aren't being passed through to the Lego client?

Thanks!
@jeromeza
Copy link
Author

jeromeza commented Jul 7, 2021
edited
Loading

Digging through old commits - around 0.6 iirc I found that there's an added provider_configuration that can be called, which lets you specify the value outside of a shell var, as part of a map.

This seems to work:
./vault write acme/accounts/jerome
contact=my@domain.co.za
server_url=https://acme-staging-v02.api.letsencrypt.org/directory
terms_of_service_agreed=true
provider=cloudflare
provider_configuration={CF_API_KEY= myglobalapikey,CLOUDFLARE_EMAIL=my@domain.co.za}

See:
https://github.com/remilapeyre/vault-acme/blob/2ae3fc3605ce9c631e5ae018e488a9f6cc3fb041/website/source/api/secret/acme/index.html.md

See:
provider_configuration (map of strings: ) - The configuration to use for the DNS provider when not using environment variables.

See:
https://github.com/remilapeyre/vault-acme/releases/tag/v0.0.6

Add provider_configuration parameter to override environment variables
Closes #19

@remilapeyre
Copy link
Owner

Hi @jeromeza, only the environment variables of the Vault server can be used to set the configuration of the ACME provider, the environment variables of the Vault client are all ignored.

@remilapeyre
Copy link
Owner

Using provider_configuration should work if you cannot change the environment variables of the server.

@remilapeyre
Copy link
Owner

Hi @jeromeza, I will close this issue. If you are still having troubles with setting the configuration please open it again.

smuething pushed a commit to smuething/vault-plugin-secrets-acme that referenced this issue Oct 26, 2024
@dependabot
Merge pull request remilapeyre#23 from SierraSoftworks/dependabot/go_…
3fc3546 
…modules/google.golang.org/grpc-1.64.1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jeromeza @remilapeyre