Certbot fails with error "Unable to determine zone_id for <domain>"

The full error, when running certbot, to obtain a new SSL Certificate is as follows:

Unable to determine zone_id for using zone names: [‘domain’, '…, ‘uk’]. Please confirm that the domain name has been entered correctly and is already associated with the supplied Cloudflare account.

But the domain is correct, and the domain is associated with my cloudflare account.

When I test my API token, as follows, the results seem to suggest everything is fine:

curl -X GET “[cloudflare/client/v4/user/tokens/verify]” -H “Authorization: Bearer …[REDACTED]…” -H “Content-Type:application/json”

Where [REDACTED] is my DNS Editing API Token.

I get this result:

{“result”:{“id”:“c5735454d50154006a73a18e7aa24eb2”,“status”:“active”,“not_before”:“2023-08-29T00:00:00Z”,“expires_on”:“2033-08-28T23:59:59Z”},“success”:true,“errors”:,“messages”:[{“code”:10000,“message”:“This API Token is valid and active”,“type”:null}]}

Notice the bit that says: “This API Token is valid and active”

But the zone_id is known to my account. I can see it there, in my cloudflare account, in the “overview” page, above my account ID.

If anyone has a clue what’s going wrong. Please share your wisdom.
Thanks for your help :slight_smile:


This text will be hidden