Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
It produced this output: "Internal Error", Thats it......
while following a YouTube video I got the following while trying to setup a Cloudflare DDNS Cert.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/letsencrypt-log/letsencrypt.log or re-run Certbot with -v for more details.
at /app/lib/utils.js:16:13
at ChildProcess.exithandler (node:child_process:410:5)
at ChildProcess.emit (node:events:513:28)
at maybeClose (node:internal/child_process:1100:16)
at Process.ChildProcess._handle.onexit (node:internal/child_process:304:5)```
My web server is (include version): ??? NGINX Proxy Manager v2.12.1
The operating system my web server runs on is (include version):??? Proxmox 8.2.2
My hosting provider, if applicable, is: Tried Duckdns, now trying to setup Cloudflare
I can login to a root shell on my machine (yes or no, or I don't know): ??? I don't know what your refering to, The Proxmox, The NGINX container,Something else?
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): ???
The version of my client is (e.g. output of `certbot --version` or `certbot-auto --version` if you're using Certbot): No Idea.
Details:
I've had a docker of NGINX Proxy Manager setup on my unraid for several months and when I set it up I was able to generate and get working the certs and most links all using DuckDNS for DynDNS Provider. My unraid cashed the last week so I tried re-making everything on a proxmox container (Using ttech's helper script to install the container) but I am unable to create ANY certificates all entries say "HTTP only", I am now following (or trying to) a video on Youtube (https://www.youtube.com/79e6KBYcVmQ) on a guy doing all kinds of NGINX, and Cloudflare DDNS, and such and I get to where i'm supposed to create the cert, but I get the above error titled the same "Internal Error" that I've been getting trying to do them through duckdns. Both Cloudflare and DuckDNS are getting my external IP. I really don't know any of this stuff so the best I can do is try to follow video tutorials to get stuff working, When I get issues like this I'm lost so, please, be patient with me.
I just tried the same procedure but to Duckdns (dsu-home.duckdns.org) and got the following error (also "Internal Error"
Internal Error
CommandError: usage:
certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...
Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,
it will attempt to use a webserver both for obtaining and installing the
certificate.
certbot: error: unrecognized arguments: --dns-duckdns-credentials /etc/letsencrypt/credentials/credentials-21 --dns-duckdns-no-txt-restore
at /app/lib/utils.js:16:13
at ChildProcess.exithandler (node:child_process:410:5)
at ChildProcess.emit (node:events:513:28)
at maybeClose (node:internal/child_process:1100:16)
at Process.ChildProcess._handle.onexit (node:internal/child_process:304:5)
I went to "add certificate" in NGINX Proxy Manager then added my "domains" clicked on DNS Challenge, added my token then clicked accept terms and submit, got the error in return.
For some reason it just started working maybe 10 minutes after posting above for the duckdns version, the Cloudflare version still gave me an error though.
by "Duckdns Plugin" do you mean the program that tells them My IP (I have this on my unnraid and in portainer on my proxmox)? or is that something else entirely?
I went to that reddit page and put the line in the NGINX terminal screen on my proxmox (just in case) and got this, No idea if the "warning" really means anything or not since it says it was successful.
root@nginxproxymanager:~# pip install certbot_dns_duckdns
Collecting certbot_dns_duckdns
Downloading certbot_dns_duckdns-1.3-py3-none-any.whl (12 kB)
Requirement already satisfied: certbot<3.0,>=1.18.0 in /usr/lib/python3/dist-packages (from certbot_dns_duckdns) (2.1.0)
Requirement already satisfied: requests<3.0,>=2.20.0 in /usr/lib/python3/dist-packages (from certbot_dns_duckdns) (2.28.1)
Collecting dnspython<3.0,>=2.0.0
Downloading dnspython-2.7.0-py3-none-any.whl (313 kB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 313.6/313.6 kB 4.0 MB/s eta 0:00:00
Installing collected packages: dnspython, certbot_dns_duckdns
Successfully installed certbot_dns_duckdns-1.3 dnspython-2.7.0
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv
root@nginxproxymanager:~#
No it's a plugin for certbot (the tool which requests your certificate from Let's Encrypt) and it's used to populate a TXT record in your domain's DNS as a challenge response to prove you control that domain (an alternative to DNS domain validation is HTTP domain validation).
Well, I don't know if it has anything to do with NPM or not, but I'm getting "403 Openresty" Errors when I try to go to my sites that I was able to make certs for, I think it may just be the ones I have behind a password, The public ones (I only have 2 of them) seem to work external to my home network.Did I do something wrong setting therm up?
What I did:
Create New
Name ([Service].dsu-home.duckdns.org)
Select Cache, Websocket, and/or Block known threats
Go to SSL tab
select "Get New Cert"
Toggle accept terms button
Click submit
.... wait....
Get Internal error, May or may not create the proxy but it would be "http only"
Note, I wish there was an edit button on this forum....
I tried to make that dsu-home.com name on cloudflare but its saying something about redirecting name servers to them or something, I have no idea where or how to do that since that cloudflare is the only place I put it, and they just show it as " dsu-home.com is not active on Cloudflare yet. Update the nameservers at your registrar to activate Cloudflare services for this domain.". I have not gone to any "domain for sale" sites to purchase any, so I don't think that is gonna be working any time soon. but my dsu-home.duckdns.org ones kinda work.
Do you see a "pencil" icon on the bottom of your posts? There were some restrictions added for new users recently due to spammers abusing that but I think you should be able to use that.
Yes, an openresty server replies to HTTP requests (port 80) but fails HTTPS (port 443) requests from the public internet. That is an NPM config problem best directed to their support forum.
If you have not purchased that name from somewhere you won't be able to use it on the public internet. The public DNS system (and public certs) require a public domain name.