Hello there,

Recently we had an issue with renewal of SSL because the API keys were changed (invalid). Let me explain in details.

We are using Cloudflare to manage the DNS of all of our sites. On top of that we are using GridPane (https://gridpane.com/) to manage our website. The Cloudflare is connected with Gridpane using Cloudflare API keys.

Now, I know API Keys are not recommended to be used, but GridPane only supports API Key integration, and there’s nothing we can do.

Back to the problem - GridPane renews SSL automatically 30 days before the certificate expires. It does using DNS, which is managed by Cloudflare. And if the connection between those services breaks (ie, invalid API Key), the certificate renewal fails. And that is what the problem. We didn’t change the API key (at least not knowingly), and I am tying to figure out how did this happen.

So, my question - Is there any expiry date to API Key?

We added users in Cloudflare, enabled 2FA in the system.

Before that this problem never happened. Did the action that we did cause this problem?

Thanks in advance

Not that I’m aware of. I have a system that uses my global API key in the same way and I don’t think my key has changed in several years. Nor has it ever changed (or expired) on its own.

Have you compared the current key to what you had set before?

Thank you for your response.

I think I have a theory.

We had an old user that we deleted during account management. I believe the system was using the API key of that user, and when we deleted the user, the API key was invalidated automatically.

Is that possible?

That’s possible. Removing a user = revoking any API keys associated to the user (more accurately, revoke the permissions given to the API keys).

Your global API Key does not expire by it’s own. You would have to do that manually.

But for API Token, which can expire, if you set an TTL for that API token:

image940×962 24.9 KB

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.