Let's encrypt dns challenge Transip | Home Assistant | Page 1

severe plaza May 21, 2025, 5:29 PM

#

Hi, I would like to setup HA with SSL using the Let's encrypt add-on. My DNS provider is transip which convenietnly is supported. However, i think transip has changed its API - current description: https://api.transip.nl/rest/docs.html and tried to find in the code on githun whether I could find out myself. But I couldn't. I have created a keypair with Transip and stored the private key in RSA format as .pem on my HA in /ssl/key.pem. I also created an access token and configured Let's Encrypt:
email: <my e-mail>
domains:

<my domain>
certfile: fullchain.pem
keyfile: privkey.pem
challenge: dns
dns:
provider: dns-transip
transip_account_name: <my username at transip>
transip_private_key_path: /ssl/key.pem
transip_api_key: <access token>

when starting Let's encrypt I get: cont-init: info: running /etc/cont-init.d/file-structure.sh
Could not find private key from <stdin>

What am I doing wrong or is it really that transip has changed its api and the add-on no longer works?

topaz saddle May 21, 2025, 11:53 PM

#

That doesn't look like it matches the documentation

#

https://github.com/home-assistant/addons/blob/master/letsencrypt/DOCS.md

You followed the section here?

#

It gives an example of:

email: your.email@example.com
domains:
  - your.domain.tld
certfile: fullchain.pem
keyfile: privkey.pem
challenge: dns
dns:
  provider: dns-transip
  transip_username: transip-user
  transip_global_key: 'no'
  transip_api_key: |
    -----BEGIN PRIVATE KEY-----
    MII..ABCDEFGHIJKLMNOPQRSTUVWXYZ
    AAAAAABCDEFGHIJKLMNOPQRSTUVWXYZ
    -----END PRIVATE KEY-----

severe plaza May 22, 2025, 5:12 AM

#

the documentation for transip is not up to date here: https://github.com/home-assistant/addons/blob/master/letsencrypt/DOCS.md as when I tried to add the transip_api_key in the configuration of Let's Encrypt addon, it was automatically removed.

GitHub

addons/letsencrypt/DOCS.md at master · home-assistant/addons

:heavy_plus_sign: Docker add-ons for Home Assistant - home-assistant/addons

topaz saddle May 22, 2025, 10:20 AM

#

Why are you saying it's not up to date and where do you believe the correct documentation is that you utilized?

I'm not clear on what you attempted and how it was "automatically removed"

#

I can tell you with certainty that the error you posted means that your transip_api_key DNS setting was not a PEM encoded key

severe plaza May 22, 2025, 4:03 PM

#

I used this to create the PEM encoded key:
openssl rsa -in transipkey.pem -out key.pem -outform PEM

#

the transipkey.pem was the file I created using the cleartext -----BEGIN PRIVATE KEY-----
MII..ABCDEFGHIJKLMNOPQRSTUVWXYZ
AAAAAABCDEFGHIJKLMNOPQRSTUVWXYZ
-----END PRIVATE KEY----- , I created in my transip account

#

what i tried to say, when I save this configuration in the Let's Encrypt addon, the transip_api_key is removed as soon as I save

#Let's encrypt dns challenge Transip