nginx-proxy-manager: SSL Internal Error on request a new SSL certificate

Checklist

  • Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image?
    • Yes
  • Are you sure you’re not using someone else’s docker image?
    • Yes
  • Have you searched for similar issues (both open and closed)?
    • Yes

Describe the bug When trying to request a new SSL Certificate I get an internal error.

Nginx Proxy Manager Version v2.10.4

To Reproduce Steps to reproduce the behavior:

  1. Go to Hosts
  2. Click on Add Proxy Host
  3. Click on SSL
  4. SSL Certificate > Request a new SSL Certificate
  5. Save > Internal Error

Screenshots

Operating System Ubuntu 20.04 - 64bit, running Portainer v2.19.2

Additional context Cloudflare (NO PROXY): A => dayroxy.online => ip, CNAME => * => dayroxy.online

```
2023-11-15 05:51:29,337:DEBUG:acme.client:Storing nonce: GEqhmX18EBYehAoQEeHOv-lemRWL1u8IRLnVc7o6fKR1jTTNhtU
2023-11-15 05:51:29,338:INFO:certbot._internal.auth_handler:Challenge failed for domain portainer.dayroxy.online
2023-11-15 05:51:29,338:INFO:certbot._internal.auth_handler:http-01 challenge for portainer.dayroxy.online
2023-11-15 05:51:29,338:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
  Domain: portainer.dayroxy.online
  Type: connection
  Detail: 87.237.52.121: Fetching http://portainer.dayroxy.online/.well-known/acme-challenge/MS4A57_vkBnqeWLmBgQXIt0bxXNSIi88aYDifAQO7dk: Connection reset by peer

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

2023-11-15 05:51:29,339:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

2023-11-15 05:51:29,339:DEBUG:certbot._internal.error_handler:Calling registered functions
2023-11-15 05:51:29,339:INFO:certbot._internal.auth_handler:Cleaning up challenges
2023-11-15 05:51:29,339:DEBUG:certbot._internal.plugins.webroot:Removing /data/letsencrypt-acme-challenge/.well-known/acme-challenge/MS4A57_vkBnqeWLmBgQXIt0bxXNSIi88aYDifAQO7dk
2023-11-15 05:51:29,339:DEBUG:certbot._internal.plugins.webroot:All challenges cleaned up
2023-11-15 05:51:29,340:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/certbot", line 8, in <module>
    sys.exit(main())
  File "/opt/certbot/lib/python3.7/site-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1864, in main
    return config.func(config, plugins)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1597, in certonly
    lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 141, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 516, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 428, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 496, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
  File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2023-11-15 05:51:29,341:ERROR:certbot._internal.log:Some challenges have failed.
```

About this issue

  • State: open
  • Created 8 months ago
  • Reactions: 5
  • Comments: 39
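
The "Internal Error" in the UI hides the useful part of the certbot log: the problem entry the Certificate Authority returned for the HTTP-01 challenge. As an added example (not part of the issue or of nginx-proxy-manager), this Python function extracts that entry from a certbot log, whether its line breaks survived or not. The function name and the `NEXT_CHECK` triage notes are the editor's assumptions.

```python
import re

# Excerpt of the certbot log posted in this issue, line breaks restored.
SAMPLE_LOG = """\
2023-11-15 05:51:29,338:INFO:certbot._internal.auth_handler:Challenge failed for domain portainer.dayroxy.online
2023-11-15 05:51:29,338:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
  Domain: portainer.dayroxy.online
  Type:   connection
  Detail: 87.237.52.121: Fetching http://portainer.dayroxy.online/.well-known/acme-challenge/MS4A57_vkBnqeWLmBgQXIt0bxXNSIi88aYDifAQO7dk: Connection reset by peer
"""

# One Domain/Type/Detail entry; the detail ends at the next entry, hint, timestamp or EOF.
PROBLEM = re.compile(
    r"Domain:\s*(?P<domain>\S+)\s+Type:\s*(?P<type>\S+)\s+Detail:\s*(?P<detail>.+?)"
    r"(?=\s+Domain:|\s+Hint:|\s+\d{4}-\d{2}-\d{2} |\s*$)",
    re.S,
)
# HTTP-01 detail layout: "<address the CA connected to>: Fetching <url>: <reason>"
DETAIL = re.compile(r"(?P<addr>[0-9A-Fa-f.:]+?): Fetching (?P<url>\S+?): (?P<reason>.+)")

# Editor's triage notes per ACME problem type (assumptions, not certbot output).
NEXT_CHECK = {
    "connection": "confirm that address is this host and that port 80 reaches the proxy",
    "dns": "check the A/AAAA records the CA would resolve for the domain",
    "unauthorized": "check the webroot is what is served under /.well-known/acme-challenge/",
}

def acme_failures(log_text):
    """Return one dict per distinct CA-reported problem in a certbot log."""
    seen, out = set(), []
    for m in PROBLEM.finditer(log_text):
        detail = " ".join(m["detail"].split())  # collapse wrapped whitespace
        key = (m["domain"], m["type"], detail)
        if key in seen:  # certbot can log the same problem more than once
            continue
        seen.add(key)
        d = DETAIL.match(detail)
        out.append({
            "domain": m["domain"], "type": m["type"],
            "ca_connected_to": d["addr"] if d else None,
            "url": d["url"] if d else None,
            "reason": d["reason"] if d else detail,
            "next_check": NEXT_CHECK.get(m["type"], "read the detail text"),
        })
    return out

if __name__ == "__main__":
    print(acme_failures(SAMPLE_LOG))
```
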

Most upvoted comments

I also have this issue and all my certs are running out in some days. Will this be fixed by the devs or is this NPM project dead? Need to know this urgently.

If you read my reply, simply adding `network_mode: host` to the bottom of the stack allows auto renew of the certs in the last 30 days.


Well I tried that and now I cannot login anymore!!! Bad Gateway error message. What in the world… Does no one test this stuff before releasing? Looking up it seems that dozens of others also have the same issue with “bad gateway” when trying to login. So, now I’m stuck and can revert back everything. This is so annoying…

Adding network_mode: host in the docker-compose.yml fixed it for me.