I ran this command: Proxy Host Request a new SSL cert
It produced this output: PermissionError: [Errno 1] Operation not permitted: '/etc/letsencrypt/renewal/npm-6.conf'
The operating system my web server runs on is (include version): TrueNAS ElectricEel-24.10.1
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I just installed TrueNAS and I am installing NGINX Proxy Manager (I had this running on my old NAS fine). When I try and create an SSL cert from the Proxy Host I get the permissions error above. I have looked, permissions appear to be correct, the user the app is running on should have permissions to the folder.
That sounds like a system configuration problem which is probably best addressed at the NPM support forum.
Debugging NPM is difficult as it often hides the essential info of what happened. Like in this case. NPM looks to have some kind of trouble reading or writing its own conf file. Maybe it created it wrong and a different program can't read it. Hard to say. The NPM forum is better equipped to instruct you about this.
Yeah, fair enough to try here. NPM uses a program named Certbot to get the certificates. And, Certbot links to this forum for any error. Literally any error even if used to get a cert from Google rather than Let's Encrypt for example
We see NPM problems often enough to know whether it is something we can assist with or not. I am confident this problem is better addressed with NPM.
Yes, that's an error from Let's Encrypt when you exceed its Rate Limits. The full error message provides a link to more details and the date/time when you can try again. The NPM system probably doesn't make it easy to see but you might find that in Certbot's .../letsencrypt.log
We can see from the public Certificate Transparency logs you have gotten a bunch of certs for actual subdomain. If your system is not using these certs that, again, is an NPM problem.
Is that local then or would my old setup count? Currently I deleted the new setup and I am going to try and start again. Is there something I have to delete for other instances or is it only for the current instance?
It is any cert from any system by anyone (for those domain names). It is in the (permanent) Let's Encyrypt database, if you will. LE actually issued those certs and used resources to do so. That is what is being limited. The LE Staging system is best used when testing. I don't know how you do that with NPM.
From the page I linked
Up to 5 certificates can be issued per exact same set of hostnames every 7 days. This is a global limit, and all new order requests, regardless of which account submits them, count towards this limit. The ability to request new certificates for the same exact set of hostnames refills at a rate of 1 certificate every 34 hours.
Sorry, yeah, that is kind of what I meant. It was created on LE end but my system never got them or was able to save them. I assume I am going to have to wait 7 days to try again?