certbot-dns-powerdns icon indicating copy to clipboard operation
certbot-dns-powerdns copied to clipboard

Published 20 hours ago verified publisher icon pan-net-security

Authentication by API Key failed

Open stevenmcastano opened this issue 3 years ago • 0 comments

I've finally gotten it installed in docker container by doing the apt install method of install both certbot and python3-pip, then using pip to get the plugin installed.

The problem I have now is that even with the proper api key and host, the update fails. I can see in my PowerDNS logs the following:

Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1 Request details:
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1  Headers:
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1   accept: */*
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1   accept-encoding: gzip, deflate
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1   connection: keep-alive
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1   content-length: 2
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1   content-type: application/json
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1   host: ***REDACTED***:8081
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1   user-agent: python-requests/2.22.0
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1   x-api-key: ***REDACTED***
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1  Full body:
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1   {}
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1 HTTP Request "/api/v1/servers/localhost/zones/***REDACTED***.": Authentication by API Key failed
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1 Response details:
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1  Headers:
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1   Connection: close
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1   Content-Length: 12
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1   Content-Type: text/plain; charset=utf-8
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1   Server: PowerDNS/4.2.1
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1   WWW-Authenticate: X-API-Key realm="PowerDNS"
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1  Full body:
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1   Unauthorized
Feb 20 16:54:17 PowerDNS001 pdns_server[147042]: [webserver] 077cd2f4-2efe-49dd-aeb0-3eca7c5fdea1 ***REDACTED***:50290 "GET /api/v1/servers/localhost/zones/***REDACTED***. HTTP/1.1" 401 191

But I do know my API key works... I'm able to make requests with another plugin, but that one doesn't support wildcard certs. Also, I have PowerDNS-Admin running with the same API key and that works fine as well.

stevenmcastano avatar Feb 20 '22 21:02 stevenmcastano