Can’t get cert to work on nginx proxy manager

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: napsternet.net

I hope this is allowed but can someone tell me why this error is happening? The only thing I know if that has changed on my server today is setting up unraid with a cert and remote access? Are they some how conflicted? All ports show open? Any help would be awesome and yes this is for nginx proxy manager docker on unraid

image1179×2556 289 KB

Hello @Lassley7, welcome to the Let's Encrypt community.

I think you are hitting the Rate Limits.
Testing and debugging are best done using the Staging Environment as the Rate Limits are much higher. Rate Limits are per week (rolling).

Hi @Lassley7, and welcome to the LE community forum

The first error is pretty clear:

You should test using the staging environment.

Here is a list of issued certificates for that domain crt.sh | napsternet.net
and that is a lot of issued certificates.

image1215×970 60.5 KB

Also all 3 Let's Debug show the same Warning

The domain napsternet.net is being served through Cloudflare CDN. Any Let's Encrypt certificate installed on the origin server will only encrypt traffic between the server and Cloudflare. It is strongly recommended that the SSL option 'Full SSL (strict)' be enabled.

1. http-01 Let's Debug
2. dns-01 Let's Debug
3. tls-alpn-01 Let's Debug

Sorry wrong image, that was before I had it working this is now the outcome. And I idioticly deleted my unraid docker too try to “refresh” everything and now I can’t get any SSL to work

image1179×2556 310 KB

Yes, because for some reason things keep breaking

Please use the Staging Environment as the Rate Limits are much higher. Rate Limits are per week (rolling).

And to assist with debugging there is a great place to start is Let's Debug.

I can’t find how to do that on unraid, also would my rate be why I also can’t get unraid to provision a cert?

Oct 13 12:08:54 Poseidon root: Error: Server was unable to provision SSL certificate
Oct 13 12:08:54 Poseidon emhttpd: shcmd (1007): exit status: 1
Oct 13 12:08:54 Poseidon emhttpd: shcmd (1008): /etc/rc.d/rc.nginx reload
Oct 13 12:08:54 Poseidon root: Checking configuration for correct syntax and
Oct 13 12:08:54 Poseidon root: then trying to open files referenced in configuration...
Oct 13 12:08:54 Poseidon root: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
Oct 13 12:08:54 Poseidon root: nginx: configuration file /etc/nginx/nginx.conf test is successful
Oct 13 12:08:54 Poseidon root: Reloading Nginx configuration...
Oct 13 12:08:57 Poseidon nginx: 2022/10/13 12:08:57 [alert] 30395#30395: *3506966 open socket #26 left in connection 12
Oct 13 12:08:57 Poseidon nginx: 2022/10/13 12:08:57 [alert] 30395#30395: *3506978 open socket #25 left in connection 13
Oct 13 12:08:57 Poseidon nginx: 2022/10/13 12:08:57 [alert] 30395#30395: aborting

Try asking about that on a related forum.

The picture, and the added logs, don't explain why it failed.
You can check the FQDN using Let's Debug to see if it is currently affected by any rate limits.

Here letsdebug-toolkit you can see

image1025×665 11.7 KB

And going to https://radarr.napsternet.net/ this is what I see with Windows 10 Firefox 105.0.3 (64-bit).

image852×781 8.97 KB

SSL Labs findings SSL Server Test: radarr.napsternet.net (Powered by Qualys SSL Labs)

Here is a visual of Let's Debug's DNS-01, HTTP-01 shows the same message

image1062×667 11.4 KB

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.