Add SSL certificate error from Nginx: ERROR:certbot._internal.log:ModuleNotFoundError: No module named 'dns'


I recently set up an nginx server and registered a domain on duckdns. However, when I attempted to add an SSL certificate from within NGINX, I get an error of:

ERROR:certbot._internal.log:ModuleNotFoundError: No module named 'dns'

Can anyone shed some light into this problem? This domain "" is newly registered and I have never request an SSL certificate for it before.

My domain is:

I ran this command: using the web GUI on nginx

certbot certonly --config "/etc/letsencrypt.ini" --cert-name "npm-7" --agree-tos --authenticator webroot --email "" --preferred-challenges "dns,http" --domains ""

It produced this output:

Error: Command failed: certbot certonly --config "/etc/letsencrypt.ini" --cert-name "npm-7" --agree-tos --authenticator webroot --email "" --preferred-challenges "dns,http" --domains ""
An unexpected error occurred:
ModuleNotFoundError: No module named 'dns'
Ask for help or search for solutions at See the logfile /tmp/tmp2xzmehy8/log or re-run Certbot with -v for more details.

at ChildProcess.exithandler (node:child_process:397:12)
at ChildProcess.emit (node:events:390:28)
at maybeClose (node:internal/child_process:1064:16)
at Process.ChildProcess._handle.onexit (node:internal/child_process:301:5)

My web server is (include version):

google Chrome 97.0.4692.71 (Official Build) (64-bit)

The operating system my web server runs on is (include version):

Windows 10

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

yes, as NGINX is running as a docker container

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

bash-5.1# certbot --version
certbot 1.22.0

the content of the log is:

2022-01-13 04:23:08,901:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 8, in
File "/usr/lib/python3.9/site-packages/certbot/", line 19, in main
return internal_main.main(cli_args)
File "/usr/lib/python3.9/site-packages/certbot/_internal/", line 1593, in main
plugins = plugins_disco.PluginsRegistry.find_all()
File "/usr/lib/python3.9/site-packages/certbot/_internal/plugins/", line 241, in find_all
plugin_ep = cls._load_entry_point(entry_point, plugins, with_prefix=False)
File "/usr/lib/python3.9/site-packages/certbot/_internal/plugins/", line 261, in _load_entry_point
plugin_ep = PluginEntryPoint(entry_point, with_prefix)
File "/usr/lib/python3.9/site-packages/certbot/_internal/plugins/", line 60, in init
self.plugin_cls: Type[interfaces.Plugin] = entry_point.load()
File "/usr/lib/python3.9/site-packages/pkg_resources/", line 2465, in load
return self.resolve()
File "/usr/lib/python3.9/site-packages/pkg_resources/", line 2471, in resolve
module = import(self.module_name, fromlist=['name'], level=0)
File "/config/.local/lib/python3.9/site-packages/certbot_dns_duckdns/cert/", line 4, in
from dns import resolver
ModuleNotFoundError: No module named 'dns'
2022-01-13 04:23:08,901:ERROR:certbot._internal.log:An unexpected error occurred:
2022-01-13 04:23:08,901:ERROR:certbot._internal.log:ModuleNotFoundError: No module named 'dns'

Try it without "dns"

If that fails, try removing all the unnecessary "


This is probably related to a boo boo from the developers from the DuckDNS plugin, see No module named 'dns' for more info and possible solution (not sure if it'll work with the horrible software called NPM.

That said, indeed as Rudy already said, do you actually need the DNS plugin to begin with? As you specifically specify --authenticator webroot..


Thanks for the prompt reply. Must be my luck, because I actually successfully requested a SSL certificate a few days ago for a different domain name using the exact method. This bug must be introduced very recently.

I must submit that I am not that well-versed in NGINX. I requested the SSL certificate through the NGINX web-gui where NGINX is running as a server within a docker container. Thus, I am not sure how to modify the command to get rid of the unnecessary options. If anyone can offer a suggestion, please kindly let me know.


1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.