I was using certbot and a plugin that matches my domain provider certbot-dns-aliyun to generate an SSL certificate for my domain, scp-makerspace.cn. However, as I run the following command:
sudo /mnt/certbot/venv/bin/certbot certonly -a certbot-dns-aliyun:dns-aliyun --certbot-dns-aliyun:dns-aliyun-credentials /mnt/certbot/credentials.ini -d "scp-makerspace.com" -d "*.scp-makerspace.com"
This error occurs:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugin legacy name certbot-dns-aliyun:dns-aliyun may be removed in a future version. Please use dns-aliyun instead.
Plugins selected: Authenticator certbot-dns-aliyun:dns-aliyun, Installer None
Requesting a certificate for scp-makerspace.com and *.scp-makerspace.com
Performing the following challenges:
dns-01 challenge for scp-makerspace.com
dns-01 challenge for scp-makerspace.com
Cleaning up challenges
Encountered exception during recovery: certbot.errors.PluginError: Unable to determine zone identifier for scp-makerspace.com using zone names: ['scp-makerspace.com', 'com']
Unable to determine zone identifier for scp-makerspace.com using zone names: ['scp-makerspace.com', 'com']
I searched on the Internet and about 5 unique results of the same problem showed up, and they are all of v0.2x versions of certbot. My certbot version is now 1.11.0. Also, this seems to be a problem across multiple versions of dns plugins (regardless of the dns provider).
In some of the solutions, it is mentioned to check if the domain is not "blocked". I'm not entirely sure what does this mean/how can I check this, but I am able to access the webpage service hosted on my domain directly from browser.
How could I fix this?
P.S. The warning in the output data about changing certbot-dns-aliyun:dns-aliyun to dns-aliyun doens't make any difference to the output.