Certbot Cloudflare DNS Challenge error --dns-cloudflare-credentials

When certbot is showing you the error "certbot: error: unrecognized arguments: --dns-cloudflare-credentials" you might find the following helpful:

Problem

root@linlxc033:~#
root@linlxc033:~# certbot certonly --dns-cloudflare --dns-cloudflare-credentials /root/tls/certbot/cloudflare-api.key --preferred-challenges dns-01 -d "somedomain.com" -d "*.somedomain.com"
usage:
  certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
it will attempt to use a webserver both for obtaining and installing the
certificate.
certbot: error: unrecognized arguments: --dns-cloudflare-credentials /root/tls/certbot/cloudflare-api.key
root@linlxc033:~#
root@linlxc033:~#

Solution

Install the required package. This is the solution if you have installed python3-certbot as an apt package:

sudo apt -y install python3-certbot-dns-cloudflare

This is the solution if you have installed certbot as a snap:

sudo snap set certbot trust-plugin-with-root=ok
sudo snap install certbot-dns-cloudflare

Example

root@linlxc033:~#
root@linlxc033:~# sudo apt -y install python3-certbot-dns-cloudflare
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
[...]
root@linlxc033:~#
root@linlxc033:~# sudo snap set certbot trust-plugin-with-root=ok
root@linlxc033:~# sudo snap install certbot-dns-cloudflare
certbot-dns-cloudflare 2.8.0 from Certbot Project (certbot-eff✓) installed
root@linlxc033:~#
root@linlxc033:~#
root@linlxc033:~# certbot certonly --dns-cloudflare --dns-cloudflare-credentials /root/tls/certbot/cloudflare-api.key --preferred-challenges dns-01 -d "somedomain.com" -d "*.somedomain.com"
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for somedomain.com and *.somedomain.com   
Unsafe permissions on credentials configuration file: /root/tls/certbot/cloudflare-api.key
Waiting 10 seconds for DNS changes to propagate

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/somedomain.com/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/somedomain.com/privkey.pem
This certificate expires on 2024-08-04.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
 * Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
 * Donating to EFF:                    https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
root@linlxc033:~#
root@linlxc033:~#
 

Azure Managed Identities (technical service accounts)

Explaination Azure Managed Identities = technical service accounts Password is automatically managed, as it was the case in managed service ...