Having just hit this issue, here are some notes for anyone else in a
hurry to fix it before their certificates expire:
1. I have a Gandi API token, which is deprecated but still works. I've
not attempted to fix that yet.
2. I'm running Debian 12.10 with automatic updates. I currently have
python3-certbot-dns-gandi version 1.4.3-1.
3. I first modified my /etc/letsencrypt/gandi.ini to:
dns_gandi_api_key=abcdefghijklmn
4. For each domain, I then modified two lines in
/etc/letsencrypt/renewal/DOMAIN.conf to:
authenticator = dns-gandi
dns_gandi_credentials = /etc/letsencrypt/gandi.ini
5. For each domain, I then ran
letsencrypt renew --cert-name NAME
where NAME == DOMAIN in my case, but may not always be so.
This has worked for me. I don't know if it will now successfully
automatically renew in future.
It would be great if some of this happened automatically.
Note this change has coincided with Lets Encrypt deciding to stop
sending out domain expiry emails.
I only knew that something was wrong because of those emails, and would
have missed it if it had
happened in a few weeks time.
I hope this is useful to someone who finds this bug when searching for
the error message that
I found in the log file.
Regards, Phil.
